v1.2.0Communicationscommunicationsemailsmscan-spamtcpacompliance

Email & SMS Compliance Audit

CAN-SPAM Act and TCPA compliance for commercial emails and text messages covering unsubscribe mechanisms, sender identity, consent, and content delivery rules.

This audit evaluates 20 checks across unsubscribe and opt-out mechanisms (one-click unsubscribe, 10-day processing, SMS STOP handling), sender identity and transparency (accurate From, non-deceptive subjects, physical address, SMS sender ID), consent and opt-in (prior express written consent for SMS, confirmation, consent records, separate per-channel consent), and content delivery rules (no misleading headers, transactional vs. marketing distinction, frequency disclosure, suppression lists). For any application that sends commercial emails or SMS, this audit identifies CAN-SPAM and TCPA compliance gaps.

What's Included

Total Checks

Delivery Formats

Changelog

v1.2.0

Quality hardening: added counting/enumeration, numeric thresholds, anti-sycophancy patterns, cross-references to all checks. Manifests tightened to exact tolerances.

2026-04-03

v1.1.2

Added chunked format for browser-based tools

2026-03-01

v1.1.1

Improved Step 3: paste URL is now primary submission method

2026-03-01

v1.1.0

Tightened no-misleading-headers check definition: clarified header injection as the primary fail pattern (user-supplied display names interpolated without sanitizing \r\n\0), distinguished from accurate-from domain check. Updated bare-minimum fixture to include header injection vector for consistent adversarial testing.

2026-03-01

v1.0.1

Hardened curl commands with -sS -L flags for redirect following and error visibility. Added response validation guidance to Step 3.

2026-02-23

v1.0.0

Initial release

2026-02-22

Get This Audit

Select Format

Runs locally in your AI tool. AuditBuffet never sees your code — only check results, scores, and tech stack names are submitted.

Auto-submits results via your terminal. Your AI tool will confirm before sending.

Subscribe to Access

$9/month or $79/year — includes all 117 Pro audits

Prompt locked for non-subscribers

How to Run

Copy the prompt in your preferred format above.

Paste into your AI coding tool (Claude Code, Cursor, Bolt, etc.).

Let the AI run all checks. Review the structured JSON output it produces.

Submit the JSON telemetry block to AuditBuffet for scoring and benchmarks.

Read the full guide

Have your results?

Paste your JSON telemetry to get scores and benchmarks.

Submit Results

Audits often run with this one

Picked by pack overlap with this audit.

Email & SMS Compliance Audit

CAN-SPAM Act and TCPA compliance for commercial emails and text messages covering unsubscribe mechanisms, sender identity, consent, and content delivery rules.

Changelog

v1.2.0

Quality hardening: added counting/enumeration, numeric thresholds, anti-sycophancy patterns, cross-references to all checks. Manifests tightened to exact tolerances.

2026-04-03

v1.1.2

Added chunked format for browser-based tools

2026-03-01

v1.1.1

Improved Step 3: paste URL is now primary submission method

2026-03-01

v1.1.0

2026-03-01

v1.0.1

Hardened curl commands with -sS -L flags for redirect following and error visibility. Added response validation guidance to Step 3.

2026-02-23

v1.0.0

Initial release

2026-02-22

Email & SMS Compliance Audit

Changelog

Audits often run with this one

FTC Consumer Protection Audit

Subscription & Auto-Renewal Compliance Audit

Terms of Service & Legal Pages Audit

Email & SMS Compliance Audit

Changelog

Audits often run with this one

FTC Consumer Protection Audit

Subscription & Auto-Renewal Compliance Audit

Terms of Service & Legal Pages Audit