Does the national DNC registry cover email? What you actually need to know

The national DNC registry does not cover email. Here's what actually governs commercial email, what TCPA covers, and how to stay compliant. 160 chars.

LeadCompliant Team
23 min read
In This Article

Last updated 2026-07-09

Landline phone and laptop on desk illustrating DNC registry versus email compliance rules
Landline phone and laptop on desk illustrating DNC registry versus email compliance rules

TL;DR

The National Do Not Call Registry covers telephone solicitations only. It does not apply to email. Commercial email is regulated separately under CAN-SPAM (15 U.S.C. 7701), which has no central opt-out registry. Consumers unsubscribe per-sender, not through any government list. Realtors and other licensed professionals face the same rules everyone else does.

What does the National DNC Registry actually cover?

The National Do Not Call Registry is a telephone tool. Full stop. The FTC built it under the Telephone Consumer Protection Act (47 U.S.C. 227) and the Telemarketing Sales Rule (16 C.F.R. Part 310), and every word of the governing statute is about voice calls and, by extension, text messages to wireless numbers.[1] There is no email column, no email database, and no email lookup on donotcall.gov.

The registry lets consumers register their residential and wireless phone numbers to block most unsolicited telemarketing calls. Sellers and telemarketers have to scrub their call lists against the registry every 31 days or face penalties up to $51,744 per violation as of the FTC's most recent adjustment.[2] That penalty structure is built entirely around calls, not messages sent to an inbox.

So if you've been wondering whether emailing a phone number on the DNC list is somehow double-illegal, or whether a consumer who registered their number is also protected from your emails, the answer is no on both counts. The registry has one lane: telephone solicitations. Email lives in a completely different legal lane, governed by a completely different federal statute.

For a full picture of how the registry works for calls, see our guide to the dnc registry and the do not call list.

What law actually governs commercial email if not the DNC registry?

Commercial email is governed by CAN-SPAM: the Controlling the Assault of Non-Solicited Pornography and Marketing Act of 2003, codified at 15 U.S.C. 7701 et seq.[3] The FTC enforces it, same agency that runs the DNC registry, but the two frameworks share almost nothing except the regulator.

Here's the key structural difference. The DNC registry is opt-in: a consumer takes an affirmative step to put their number on a list that pre-blocks solicitations. CAN-SPAM is opt-out: you can legally email someone who has never heard of you, as long as your message meets the law's requirements and you honor unsubscribe requests promptly. The statute says recipients must be able to opt out of future emails and the sender must honor that request within 10 business days.[3]

CAN-SPAM's core requirements are:

  • No false or misleading header information
  • No deceptive subject lines
  • Clear identification that the message is an advertisement
  • A physical postal address in the message
  • A clear and conspicuous opt-out mechanism
  • Honor opt-outs within 10 business days

Notice what's missing: any requirement to check a government registry before you send. There is no national do-not-email database. The FTC weighed one in the early 2000s and concluded it would be technically unworkable and a security risk, publishing that finding in a 2004 report to Congress.[4]

Penalties under CAN-SPAM run up to $53,088 per email in a sequence of violations, though the FTC typically calculates fines per campaign rather than per individual message.[5] The Department of Justice can also bring criminal charges in egregious cases.

Is there any government do-not-email list consumers can register for?

No. The federal government does not run a do-not-email registry, and no state has built one either, as of mid-2025. The FTC studied the idea and rejected it. Its 2004 report to Congress named four problems: verifying email addresses would be nearly impossible, spammers would harvest the list, legitimate marketers would carry big compliance costs, and the registry would do almost nothing to stop the bad actors behind most email abuse.[4]

Some states have floated the concept over the years. None has enacted a working analog to their telephone DNC lists. If your compliance team ever hears a vendor pitch a "national email do-not-contact list" as a required scrub, that's either a misunderstanding or a sales pitch for a proprietary suppression list, which is a different product entirely.

What consumers actually have instead: the right to opt out from any sender's list under CAN-SPAM, and in California, the right under the California Consumer Privacy Act (CCPA) to request deletion of their data and opt out of the sale of their personal information, which reaches email marketing lists differently.[6] The CCPA is not a do-not-email registry either, but it has teeth for California residents.

The practical upshot for your team: there is no government list to scrub against before sending commercial email. Your obligation runs through your own suppression list, your CAN-SPAM compliance, and any state privacy laws that reach your audience.

Does the DNC registry apply to real estate agents? Can realtors email people who registered?

This question comes up constantly on real estate sales teams, partly because the National Association of Realtors (NAR) has its own ethics code and partly because agents make a lot of outbound contact. Here is the plain answer: realtors follow the same federal DNC rules as everyone else for telephone calls, and the DNC registry does not cover email for realtors any more than it covers email for anyone else.[1]

For calls, real estate agents get a narrow established business relationship (EBR) exemption. If a consumer contacted an agent or brokerage within the past 18 months about a real property transaction, the agent can call that consumer even if the number sits on the DNC registry, under the FTC's Telemarketing Sales Rule.[2] That exemption applies only to calls, not email, because email isn't in the registry framework at all.

For email, a realtor sending a commercial message to a prospect must follow CAN-SPAM. That means accurate headers, a physical address, and a working unsubscribe. NAR's Code of Ethics Standard of Practice 12-9 also requires that all electronic communications from realtors include their name, brokerage, and contact information, which overlaps with but does not replace CAN-SPAM requirements.[7]

Short version: realtors can email prospects who sit on the phone DNC registry, because the registry doesn't touch email. But those emails still have to be CAN-SPAM compliant, and if the prospect says stop, you stop.

What's the difference between TCPA and CAN-SPAM for outbound teams?

These two laws regulate different channels with different consent models, which trips up a lot of outbound teams that handle both calls and email.

TCPA (47 U.S.C. 227)CAN-SPAM (15 U.S.C. 7701)
ChannelPhone calls, SMS/text, faxCommercial email
RegulatorFCC (primary), FTCFTC
Consent modelPrior express written consent required for most autodialed/prerecorded calls and textsOpt-out (send first, honor unsubscribes)
Government registryNational DNC Registry (FTC-managed)None
Per-violation penaltyUp to $500-$1,500 per call/textUp to $53,088 per email in a sequence
Private right of actionYes, plaintiff's bar is activeNo private right of action (FTC/DOJ enforce)
State overlaysYes, many states have stricter rulesLimited; some state laws add requirements

The TCPA's private right of action is what makes phone and text compliance so expensive. Plaintiffs can sue directly without waiting for the FTC, and TCPA class actions regularly settle in the millions. CAN-SPAM has no equivalent private right of action, so email enforcement goes through the FTC. The litigation risk profile is very different.

Don't read "lower litigation risk" as "email is unregulated." State privacy laws, particularly CCPA in California and VCDPA in Virginia, create obligations around marketing lists and consumer data that reach email programs.[6] And if your emails connect to a telemarketing campaign, the FTC can treat them together when weighing deception claims.

For the telephone side of your compliance picture, see how the ftc do not call list works and how to get the do not call list for scrubbing.

Key differences: telephone DNC rules vs. email CAN-SPAM rules Per-violation penalty ceilings under each federal framework TCPA/DNC: max penalty per call or… $1,500 TCPA/DNC: standard penalty per ca… $500 CAN-SPAM: max penalty per email i… $53k DNC registry: civil penalty per v… $52k Source: FTC (Telemarketing Sales Rule, CAN-SPAM enforcement), 2024

What are the real email compliance requirements for outbound sales teams?

If you're running outbound email for sales or marketing, here's what you actually have to do under CAN-SPAM, and where teams consistently fall short.

First, the from-line has to be accurate. The "From," "To," "Reply-To," and routing information must correctly identify the person or business that sent the message. A fake sender name or a domain you don't own is a violation, and it's also the fastest way to trip a spam filter.

Second, subject lines cannot deceive. "Re: our conversation" when there was no conversation is a deceptive subject line. The FTC has taken action on exactly this practice.

Third, you must identify the message as an advertisement. CAN-SPAM gives you flexibility in how, but it has to be clear and conspicuous somewhere in the message. Pure sales outreach dressed up as a personal note sits in a gray area the FTC has not fully resolved. It's a real risk.

Fourth, include a valid physical postal address. A P.O. box registered to your company works. A rented private mailbox service address can also work. No address at all is a violation.

Fifth, include a working opt-out mechanism that functions for at least 30 days after you send. You cannot require the recipient to log in, pay a fee, or hand over anything beyond their email address to unsubscribe.

Sixth, honor opt-out requests within 10 business days and do not sell or transfer that person's address to another list after they've opted out.[3]

Where teams get tripped up most: they honor unsubscribes in one email tool but not in another, so a contact who opts out of one campaign keeps getting emails from a different sequence. One suppression list that all your email systems read from solves this.

Do state do-not-call lists cover email? What about state-level email laws?

State DNC lists are telephone lists, same as the federal one. Florida, Indiana, and Pennsylvania run their own supplemental do-not-call registries that work alongside the federal list, but none reaches email.[8][9][10] A consumer who registers with the florida do not call list or the indiana do not call list is blocking phone solicitations, not email.

On the email side, several states passed laws that add requirements on top of CAN-SPAM, though federal courts have generally held that CAN-SPAM preempts most state commercial email laws inconsistent with it. California's anti-spam statute (Business and Professions Code Section 17529 et seq.) survived preemption analysis in part because it targets fraud rather than volume alone.[6]

The bigger state-level issue for email programs is data privacy law. California's CCPA and CPRA, Colorado's CPA, Virginia's VCDPA, Connecticut's CTDPA, and Texas's TDPSA all give consumers rights over their personal data that turn into obligations for email marketers: the right to opt out of having their data sold or shared, the right to deletion, and in some states the right to opt out of targeted advertising. These aren't do-not-email registries. They act as brakes on the list-building and data-sharing practices that feed email campaigns.

The honest read: if your list came from a data broker and you're emailing California residents, you have CCPA exposure that has nothing to do with CAN-SPAM. Run both analyses separately.

What happens if you confuse DNC and email rules? Real enforcement examples

The FTC and FCC have said plainly in public guidance that the two frameworks are separate. Enforcement actions show what happens when companies ignore either one.

On the telephone side, the FTC has levied nine-figure fines. In 2022, the FTC sued a robocall operation tied to Roy Cox Jr. and associated entities for making billions of calls to DNC-registered numbers, seeking over $1.3 billion in civil penalties.[11] The scale is extreme, but the legal theory is simple: the registry was ignored.

On the email side, CAN-SPAM enforcement produces smaller headline numbers with steady action. The FTC's CAN-SPAM cases have targeted deceptive subject lines and broken opt-out links, the kind of procedural failure that starts as sloppiness rather than fraud.[5] An unsubscribe link that doesn't work reliably is enough to draw a case.

A confusion error auditors see all the time: teams scrub their call lists against the DNC registry, then reuse the same lead list for email with no CAN-SPAM hygiene, assuming a lead that passed DNC scrub is clear for every channel. It isn't. The DNC scrub tells you nothing about whether that email address already opted out of your company's emails. Those are separate records with separate legal consequences.

LeadCompliant's free TCPA and DNC checker tools help you audit your call and text list hygiene. For email, your suppression list lives inside your email platform. Both need attention. Neither substitutes for the other.

How should outbound teams manage both phone and email compliance together?

Most small outbound teams run calls and email out of a CRM with different compliance logic (or none) for each. That's where exposure builds up quietly. Here's the structure that actually works.

Separate your suppression lists by channel. Your DNC-scrubbed phone numbers and your email unsubscribe list are legally and operationally different. Keep them in different places, or at least tag them by channel, so an email unsubscribe doesn't accidentally reactivate a phone number and the reverse.

Scrub phone numbers against the government do not call list every 31 days. This is a legal requirement, not a best practice.[2] For wireless numbers, work through your TCPA consent documentation too, because the DNC registry is necessary but not sufficient for cell phone outreach. Our guide to the mobile phone do not call list covers the wireless-specific issues.

For email, build your suppression list from day one and make it global across every sending tool. Your CRM, your marketing automation tool, your transactional email service, all of them need to read from that same suppression list. One tool missing one unsubscribe is a CAN-SPAM violation.

Document your consent for both channels. For calls to wireless numbers, you need prior express written consent for autodialed or prerecorded messages under TCPA. For email, you don't need prior consent under CAN-SPAM, but if you run a permission-based model (which cuts your spam rate and keeps you off blocklists), document when and how consent was given.

Review your email sending domain and IP reputation quarterly. High spam complaint rates signal that something in your targeting or messaging is off, and they often come right before regulatory attention. The FTC watches volume and complaint patterns.

If you want a structured process for all of this, LeadCompliant's one-time compliance kit has the templates and checklists for both the phone and email sides in one place.

What should you do if a consumer asks to be on your internal do-not-contact list for email?

Honor it immediately, and make sure "immediately" means "within 10 business days" at worst, which is what CAN-SPAM requires.[3] In practice, if your email platform runs automation, the unsubscribe should process the same day. The 10-business-day window is a legal floor, not a target.

Beyond CAN-SPAM, some states give consumers rights that go further. Under California's CCPA, a consumer can request deletion of their personal information, which includes their email address in your list, and you have 45 days to comply.[6] That's a different process than a simple unsubscribe: it means removing their data from your records entirely, more than suppressing future sends.

Treat any unsubscribe or do-not-contact request as a suppression record, more than a preference flag. The record should include the date of the request, the channel it came through (reply email, web form, phone call), and a note that the contact is suppressed. If you ever land in an enforcement inquiry, that audit trail matters.

Think about what "do not contact" means across channels. If a consumer tells you by phone they don't want any more contact, does your process update their email status too? It should, both because it's right and because the FTC can look at overall conduct when weighing deception or unfair practice claims.

For reporting issues you run into with unwanted calls, the do not call list report process explains how consumers flag violators to the FTC.

What's the bottom line on DNC registry and email for your outbound program?

The National Do Not Call Registry does not touch email. It never has, and there is no legislative or regulatory proposal that would change this any time soon. Your email program runs under CAN-SPAM federally and under state privacy laws for the states where your audience lives.

The confusion makes sense, because both channels feed from the same lead lists and both use the phrase "do not contact" in practice. But the legal frameworks differ in almost every dimension: the consent model, the registry infrastructure, the enforcement mechanism, and the private litigation risk.

Here's the actionable split for your team. Telephone outreach (calls and texts) requires DNC scrubbing every 31 days and prior express written consent for autodialed or prerecorded messages to cell phones. Email requires a working suppression list, CAN-SPAM-compliant message structure, and prompt honoring of opt-outs, plus CCPA or other state privacy compliance if your list includes consumers from regulated states.

Run the compliance logic for each channel separately. Cross-reference your lead lists against both channel suppression records. And if a consumer asks you to stop in any medium, stop in all of them. The law may not require that in every case, but it's the cleanest practice and it keeps you far from the enforcement edge.

For the do not call telemarketer list rules that apply to your phone outreach alongside these email rules, that article covers the telemarketer-specific obligations in detail.

Frequently asked questions

Does the national DNC registry apply to email marketing?

No. The National Do Not Call Registry applies exclusively to telephone solicitations, including voice calls and text messages to wireless numbers. It has no jurisdiction over email. Commercial email is regulated by CAN-SPAM (15 U.S.C. 7701), which the FTC enforces but which operates on a completely separate opt-out framework with no central government registry.

Is there a national do-not-email registry I need to check before sending?

There is no national do-not-email registry. The FTC studied the concept in 2004 and recommended against creating one, citing risks like spammer harvesting and verification problems. Your email compliance obligation runs through your own unsubscribe and suppression list, not through any government database. There is no required pre-send government scrub for commercial email.

Can realtors email people who are on the DNC registry?

Yes, because the DNC registry covers phone calls, not email. A consumer registering their number blocks telephone solicitations only. Realtors can email those consumers as long as the emails comply with CAN-SPAM: accurate headers, a physical address, and a working unsubscribe. NAR's Code of Ethics also requires that agent name and brokerage appear in electronic communications.

What is the penalty for violating CAN-SPAM versus TCPA?

CAN-SPAM penalties run up to $53,088 per email in a violating sequence, enforced by the FTC with no private right of action. TCPA penalties run $500 to $1,500 per individual call or text, and private plaintiffs can sue directly, making class actions common. TCPA litigation risk is substantially higher for most small outbound teams because anyone can file suit without waiting for the FTC.

Do state DNC lists cover email like they cover phone calls?

No. Every state DNC list, including Florida's, Indiana's, and Pennsylvania's, is a telephone registry. None extends to email. State-level email obligations come from data privacy laws like California's CCPA and CPRA, not from telephone do-not-call frameworks. Registering on a state DNC list does not protect a consumer from receiving commercial email.

How long do I have to honor an email unsubscribe request under CAN-SPAM?

Ten business days from when the opt-out request is received. Your unsubscribe mechanism must stay functional for at least 30 days after you send the email. After someone opts out, you cannot require them to provide anything beyond their email address to complete the process, and you cannot sell or transfer their address to another list.

No. TCPA's prior express written consent requirement applies to autodialed or prerecorded calls and texts to wireless numbers, and to prerecorded calls to residential lines. It does not govern email. Email falls under CAN-SPAM, which permits commercial email without prior consent as long as the message meets opt-out and identification requirements.

Can I use the same lead list for both calls and email?

You can use the same list for targeting, but your compliance logic must run separately for each channel. A number that passed DNC scrub is cleared for calls (subject to TCPA consent rules for cell phones), but that says nothing about whether the contact previously opted out of your email. You need a separate email suppression check against your own unsubscribe records for every send.

What does CAN-SPAM require in a commercial email message?

CAN-SPAM requires accurate header information, a non-deceptive subject line, clear identification that the message is an advertisement, a valid physical postal address, a clear opt-out mechanism that works for at least 30 days, and honoring opt-outs within 10 business days. Sending to purchased lists without these elements in place is a common source of enforcement action.

Does the CCPA act like a do-not-email registry for California residents?

Not exactly, but it has a similar practical effect in some ways. Under CCPA and CPRA, California residents can opt out of the sale or sharing of their personal information, which affects list purchases and data sharing that feed email campaigns. They can also request deletion of their data. It's not a pre-send scrub registry, but it creates deletion and opt-out obligations that can remove contacts from your lists.

Is there a private right of action for CAN-SPAM violations, like there is for TCPA?

No. CAN-SPAM has no private right of action for individual recipients. Enforcement is handled by the FTC, the Department of Justice, and state attorneys general. This is a significant difference from TCPA, where individual plaintiffs and class action attorneys can sue directly. CAN-SPAM violations carry real financial penalties, but private-plaintiff exposure is much lower than for TCPA violations.

How often do I need to scrub my email list against a government registry?

Never, because no government email registry exists. For phone numbers you're calling, you must scrub against the National DNC Registry at least every 31 days under FTC rules. For email, your compliance scrub is internal: check your own unsubscribe and suppression list before every send. There is no government database to query for email addresses the way there is for phone numbers.

What is the difference between a DNC registry scrub and an email suppression list?

A DNC registry scrub is a mandatory check against the federal and any applicable state government databases of telephone numbers that have opted out of telemarketing calls. You must do it at least every 31 days and pay for access above the free 5-area-code limit. An email suppression list is your own internal database of addresses that unsubscribed from your emails. You build and maintain it yourself; no government provides it.

Do I need to register my company anywhere to send commercial email legally?

No federal registration is required to send commercial email under CAN-SPAM. You don't register with the FTC or any other agency. Your obligation is to send compliant messages and maintain a suppression list. If you operate in states with data privacy laws like CCPA, you may have registration or data processing obligations under those laws, but those are separate from CAN-SPAM.

Sources

  1. FTC, National Do Not Call Registry, donotcall.gov: The National Do Not Call Registry covers telephone solicitations only; it does not apply to email.
  2. FTC, Complying with the Telemarketing Sales Rule (16 C.F.R. Part 310): Sellers must scrub call lists against the DNC registry every 31 days; civil penalties up to $51,744 per violation as of the most recent FTC adjustment.
  3. U.S. Congress, CAN-SPAM Act of 2003, 15 U.S.C. 7701 et seq.: CAN-SPAM requires senders to honor opt-out requests within 10 business days and sets requirements for headers, subject lines, identification, and physical address.
  4. FTC, Report to Congress: National Do Not Email Registry (2004): The FTC recommended against creating a national do-not-email registry, citing verification problems and risk of spammer harvesting.
  5. FTC, Cases and Proceedings (CAN-SPAM enforcement actions): FTC CAN-SPAM penalties can reach $53,088 per email in a violating sequence; enforcement actions have included companies using deceptive subject lines and broken opt-out links.
  6. California Attorney General, California Consumer Privacy Act (CCPA): CCPA gives California residents the right to opt out of sale of personal information and to request deletion, affecting email marketing lists; businesses have 45 days to respond to deletion requests.
  7. National Association of Realtors, Code of Ethics and Standards of Practice: NAR Standard of Practice 12-9 requires that all electronic communications from realtors include their name, brokerage, and contact information.
  8. Florida Department of Agriculture and Consumer Services, Florida Do Not Call Program: Florida's Do Not Call registry covers telephone solicitations only and does not apply to email.
  9. Indiana Attorney General, Consumer Protection Division: Indiana's Do Not Call registry applies to telephone calls, not commercial email.
  10. Pennsylvania Office of Attorney General, Consumer Protection: Pennsylvania's Do Not Call list applies to telephone solicitations, not email.
  11. FTC, News and Press Releases (2022 robocall enforcement action): The FTC sued a robocall operation seeking over $1.3 billion in civil penalties for making billions of calls to DNC-registered numbers.

Disclaimer: LeadCompliant is a compliance review tool, not a law firm. We do not provide legal advice. Consult with a TCPA attorney for legal guidance on specific compliance questions. Compliance scores, audits, and risk assessments are informational only.

LeadCompliant Team

LeadCompliant provides expert guidance and tools to help you succeed. Our content is reviewed for accuracy and kept up to date.

Related Articles

Related Glossary Terms

LeadCompliant
Build My Kit