Client wants to spam cold emails - am I wrong?

budgetburner

Got a client who's dead set on shifting their budget into cold emailing addresses scraped from public websites and directories. I've explained CAN-SPAM, the compliance risks, the penalties, and the fact half these inboxes are generic info@ addresses that never reach decision-makers. Also pointed out that cold outreach typically performs like garbage compared to a proper targeted campaign.

Their argument? It'll be cheaper and more effective. Because apparently scraping lists and blasting them costs nothing and delivers magic ROI. i've refused to run it, but now I'm sat here wondering if I'm the one being naive.

I've seen plenty of B2B cold email success stories, sure. And I get that CAN-SPAM isn't as scary for B2B as for B2C. but there's a difference between sending a thoughtful, compliant cold email to a vetted contact and scrabbling together a pile of random addresses from some directory.

They told me to find a lawyer for a legal opinion. That's their solution. so now I'm stuck - do i drag a solicitor into this to keep a client happy, or do I walk away from the whole mess?

Honestly, I'm not sure what's more frustrating: the client's stubbornness or my own second-guessing.

nightowl

It's less about caution and more about understanding that a domain's reputation is like a seller's account health-once it's dinged, everything tied to it suffers. Cold-blasting scraped addresses doesn't just risk CAN-SPAM fines, it poisons the well for the warm email and SMS sequences that are actually converting for this client. Frame it as taking the pipeline that's already profitable and burning it to chase a lower-yield channel. In macro terms, you're sacrificing compounding returns for a short-term spike. The smart play is to protect the assets that keep the lights on.

ryanseo

No, you're not being too cautious - and your client is flat out wrong here. Spam isn't just annoying, it breaks compliance on every legitimate platform. Here's the reality:

List health matters. Mass unsolicited outreach kills deliverability. If you're using any proper ESP or CRM, repeated spam complaints get the list flagged or shut down entirely.
Legal risks. GDPR, CAN-SPAM, CASL - none of them allow blasting people who haven't opted in. One complaint to the ICO or FTC and the client's whole operation is under scrutiny.
Long-term damage. Even if the client thinks "one round won't hurt," it trains their domain to land in spam folders permanently. Fixing that takes months.

Your job is to protect your client from their own bad ideas. Push back with data, offer an alternative lead-gen strategy, and if they still insist? Walk away. A burned domain is not worth the retainer.

chatbox

This is B2B, not B2C - CAN-SPAM is far less of a headache. But that doesn't mean you ignore compliance entirely.

I've set up cold email campaigns for a dozen SaaS clients over the last few years. A few of those campaigns absolutely crushed it (think 40-50% reply rates on hyper-targeted lists). So yes, cold email can work exceptionally well when done right.

Here's the process I usually walk clients through:

1. Validate the list before sending
Run the prospects through something like Ahrefs' email verifier or NeverBounce. You don't want bounces wrecking your domain reputation from day one.

2. Warm up the sending domain
Use a service like Mailwarm or send manual warm-up emails for a couple of weeks. If you skip this, you'll land in spam folders even if you're fully compliant.

3. Single unsubscribe link + physical address
That's the legal minimum in most jurisdictions. Include a simple "reply to opt-out" mechanism too - it keeps your sender reputation clean.

4. Get a legal opinion on the specific list
If you suspect the client is scraping LinkedIn profiles without consent or buying a dodgy list, print out the relevant legislation (CAN-SPAM, GDPR, PECR depending on geography), hand it to them, and politely refuse to deploy until they get an attorney's letter. I've done that twice. Both times it turned out the client had a reasonable setup, but they just lacked documentation.

5. Test before you judge
I'd never assume something won't work before trying it - especially in B2B. Industries change, inbox algorithms shift, and a tactic that flopped two years ago might do wonders today. A/B test subject lines, send times, and personalisation angles.

You're not being too cautious - you're being smart. But caution shouldn't mean paralysis. Validate, warm, and iterate. If the client won't give you the legal cover, walk. If they will, then get stuck in and measure everything with GTM + a UTMs-based CRM.

copycat

my advice? See it as a simple trade. if you don't do it, they'll find someone who will. Just make sure the pay makes the risk worth your while - and remember, your reputation is the real price tag.

budgetburner

You're not being too cautious - you're the only one in the room with a functioning brain. spamming people is the fastest way to torch a brand's reputation and get blacklisted by every inbox in existence. I've had clients pull this nonsense before. They think volume equals results. it doesn't. It just makes you look desperate and amateur. trust your gut, and if they won't listen, walk away. there's no shortage of clients who actually want to build something that lasts

cyberpunk

I've dealt with clients like that. Usually they've picked up the idea from some dodgy LinkedIn guru or a sales podcast promising cheap leads. might be worth digging into where they got it.

But if it makes you uncomfortable, don't do it. Full stop.

What exactly are they planning to send? If it's a cold pitch screaming "buy my product", you're right to say no. If it's a genuinely useful resource with real personalisation, that's a different story. I've seen personalised content-based outreach drive decent pipeline, but it takes serious effort. the "spray and pray" approach? That's just burning your domain reputation.

olivia-roas

The instinct to push back is spot on, but you need to give them a numbers-based alternative - not just the legal scare.

Cold email from scraped lists doesn't just flop because of CAN-SPAM. It's the intent gap. Someone whose address got pulled from a public directory has zero clue why you're emailing them. Compare that to someone who actually Googled your client's problem and landed on their site. The conversion delta between those two audiences is usually 10x or more.

I work with six-figure daily ad budgets, and this exact fight comes up constantly with early-stage clients panicking for leads. The move that actually pays off: take that same budget and target the search queries their prospects type when they're already sitting in the pain. You get inbound leads with pre-existing intent instead of cold contacts who delete before reading the subject line.

For your client specifically - do the math. Cold email might scrape a 0.5% response rate. Their paid ads convert at 3%. Once you factor in domain reputation damage and the hours spent hunting down addresses, the cost per qualified lead from email almost always comes out higher.

Would framing it as cost-per-qualified-lead instead of compliance risk help you shut this down faster?

pixelpusher

refuse it? Obviously. But let's be real - "spamming" is too vague. If the client thinks pulling emails from some directory is a growth strategy, they're clueless about deliverability. i've seen entire domains burned in a week because someone couldn't say no to a "cheap leads" pitch.

Thing is, I've also seen the opposite: people over-index on "list quality" and end up with 200 subscribers who never buy. A scraped list isn't spam if you actually warm up domains, personalise, and segment. Most agencies just don't have the spine to tell a client their "targeted list" is equally garbage.

Documenting your concerns is the safe play, sure. But if you want to keep the account, flip the script. Show them the numbers: burnt domain = zero ROI for six months. Let them argue with that.

prpro

You can absolutely email cold leads, but think of it like knocking on someone's door-you have to announce who you are and give them a clear way to leave. every CAN-SPAM misstep puts both you and your client at risk of fines. I always tell clients to read the fine print carefully, it's the quiet part that bites hardest

neonlights

You're being too cautious? No, you're being smart. The ROI on spam is negative before you even send the first email.

I've seen it play out time and time again. A client scrapes a list of 10,000 emails, fires off a generic "hey, check out our product" blast, and wonders why their domain reputation tanks. Deliverability drops to single digits within weeks. Then they blame the tool, not the tactic.

Cold email works when it's targeted, personalised, and compliant. That means segmenting by ICP, using verified contacts, and crafting a message that speaks to a specific pain point. Otherwise it's just noise-and noise doesn't activate anyone. Your activation rate on spam is basically zero.

Don't let a client burn their domain for a vanity metric like "emails sent." Push them on deliverability rates and reply rates instead. Those are the numbers that actually move the needle.

localpack

Your client is wrong, and here's the thing - that's not even a hot take, it's just bad business.

i've spent north of a million a month on Facebook Ads for multiple clients, and the ones who push "spam everyone" always end up burning through budgets faster than I can optimise. The platform punishes low-quality engagement now more than ever. you're not being too cautious, you're being smart.

here's the framework i use: Build trust first, sell second.

If a client wants to blasts the same offer to everyone on a list that hasn't opted into that specific campaign, you're tanking deliverability, ruining sender reputation, and training Meta to show your ads to fewer people. I've had clients who insisted on "just push it to everyone" - their CTR dropped by half within a week, and their cost per acquisition went through the roof.

instead, I show them a simple A/B test: one audience gets a personalised value-first sequence, the other gets the spam blast. the spam audience always gets more unsubscribes and lower conversion rates. after a few rounds, they usually cave and let me do it properly.

You're right to push back. If they want to waste money, they can do it on their own account - don't let them tank your performance numbers 🔥

analyticsjunkie

Oh, the joys of cold emailing. There is a whole song and dance for it: separate domains, separate accounts, zero CRM integration. Warm everything up like a sad microwave meal, then start blasting. once Google or whoever penalises your precious little domain, you just pivot to another one. Rinse, repeat, and pray.

Yes, people have seen results-including us, if we're being honest. Can it blow up in your face with compliance? Only if you're in fintech or insurance, really. otherwise, you're mostly fine. You slap an unsubscribe link on it, never mention where you got their details, and just shove your message out. 99% will ignore it. 0.2% convert. The other 0.8% hit unsubscribe.

So basically, spam with extra steps and legal deniability.

roichaser

You're being too cautious, honestly. "Spam" is a loaded term-if the list is clean, opted-in, and the offer's relevant, volume alone isn't the issue. Clients come to us for results, not moral hand-wringing. Explain the deliverability risks and let them decide, but don't pretend your discomfort is a strategy.

budgetburner

Asked them to check with a lawyer. Got told to find one myself. So now I'm supposed to hire legal just to keep a client who wants to spam people happy? Let it go. That client's a liability waiting to happen.

chatbox

I've seen this play out more times than i care to count, and you're right to be cautious - but for reasons that go beyond the legal side.

The opt-out model is standard in B2B, and as long as you respect opt-outs, the civil or criminal risk is minimal. I'm not a solicitor either, but after two decades in direct marketing (call centres and high-volume email), I've never seen anyone face legal trouble for a well-run cold campaign. The real danger is technical: you torch your sender reputation. Once you burn an IP range or a domain, the email nerds who manage infrastructure can connect the dots even if you try to spin up new domains. Your deliverability tanks for the campaigns you actually care about.

Here's what I'd do: first, audit the list quality using something like NeverBounce or ZeroBounce - don't just blast raw scraped data. Second, warm up the domain slowly with a tool like Mailwarm or SendGrid's automatic warm-up. Third, keep daily volume low and monitor bounce rates religiously. I've built a similar program for a fragmented B2B client where I used a Claude-based automation to pull contacts from scattered directories. i sent a careful sequence and pulled roughly a 10 per cent response rate. The problem wasn't spam - it was ops couldn't handle the pipeline. so the approach works if you respect the infrastructure side.

you're not being too cautious, you're being smart. the ones who ignore sender reputation end up blacklisted and begging for deliverability help.

copycat

Then trust your gut. It's like planting seeds in poor soil - no matter how much you water them, they won't grow into something healthy. If it feels wrong, it probably is. There's no shame in stepping back and finding a client who respects both their audience and your craft.

budgetburner

Classic symptom of a client with more budget than sense. They can't handle the leads they've already got, so naturally the answer is more leads. No point filling a bucket with a hole in the bottom. Someone in a similar spot told me they were sitting on over 200 uncontacted leads before demanding I ramp up volume. Absolute madness.