Don’t Let “Graymail” Tank Your Tech Company’s Email Engagement

In order to be compliant AND create healthy relationships with your potential and ongoing clients/customers, you need to make sure that you’re not sending out graymail. Graymail not only hurts your credibility, but also your overall email engagement. 😱

What is graymail?

Ever gone to a store and the cashier asks for your email address during the checkout process? In addition to getting a digital receipt, you just knoooow you’re signing up for their email marketing list. UGH!

This is graymail: email that you’ve kinda sorta opted in to receive, but don’t really want.

In other words, graymail occurs when someone hasn’t explicitly given consent for follow-up emails, but it’s definitely implied by their actions.

As a B2B tech marketer, by now you should know that purchasing a cold list of email contacts is B-A-D because they have given literally ZERO consent to hear from your company. (In fact, only 29% of people in our recent survey still admit to this outdated practice.)

But has your tech company ever automatically added people to your email marketing database after they’ve:

  • Dropped a business card in a box at your tradeshow booth to win a prize?
  • Attended a session at a conference where your CEO was speaking?
  • Submitted an online form with no uncheck option to avoid receiving follow-up marketing communications?

If so, you too are guilty of graymailing people.

Why is graymail bad?

Does it really matter if people aren’t engaging with your emails? Why not just email as many people as you can? If they open it great…if not, no harm, no foul.


Over time, ISPs will start to classify your messages as “spam adjacent,” meaning while they don’t meet the legal definition of spam, they aren’t providing any value to recipients. When this happens, your emails may end up in the “promotions” or “low priority folder.”

Over time, this WILL tank your email engagement.

(Psst…If you want to learn more about spam and how to avoid the spam folder,
check out this resource.)

How can tech marketers get explicit consent?

From contacts already in your database:

Run a re-permission campaign: If you’ve lost track of your contacts’ opt-in statuses—or if you never confirmed their opt-ins in the first place—we recommend that you run a re-permission campaign. (FYI: HubSpot calls this permission pass campaign—it’s the same thing.)

Simply put, this is a one-time email campaign that requests any contacts who haven’t already used some form of double opt-in to confirm that they would still like to receive emails from you.

Sound boring? It doesn’t have to be! Here are some fun examples from the HubSpot community.

From future contacts who will be added to your database:

Use unchecked consent boxes on forms: The most compliant and considerate way to collect this consent on forms is using opt-in checkboxes that ARE NOT pre-checked ✔️. This way, your leads have to intentionally opt-in vs. accidentally opting in because they forgot to uncheck the box before hitting submit.

Use double opt-ins: Ever signed up for an email newsletter and immediately got a message in your inbox asking you to confirm your subscription? This is a double opt-in and a great way to confirm explicit consent. Otherwise, spammers could put any email address they wanted into forms on your website and the real recipient would have no idea why they’re getting email messages!

What happens if someone withdraws consent?

Listen, not everyone is going to want to hear from you or let you keep their information. And that’s okay! To prepare for such a moment, make it easy for users to withdraw consent if they want to, not just to be polite, but also because it’s the law. ⚖️

According to the CAN-SPAM Act, your emails must “include a clear and conspicuous explanation of how the recipient can opt out of getting email from you in the future.”

You should craft an opt-out notice that:

  • Is easy for an ordinary person to recognize, read and comprehend
  • Includes a return email address or another easy Interwebs-based way that end-users can communicate their choice to you
  • Includes, at minimum, an option to stop all commercial messages from you

You can also create opt-out notices with a menu differentiating between the types of correspondence the recipient can opt out of. Another great idea is to offer a “pause correspondence” option or an option to change the frequency with which they receive emails.

To help it stand out, play around with different type font colors, sizes and locations. For inspiration, take a look at these nine unique email unsubscribe pages.

Another important directive of the CAN-SPAM Act is, “honor opt-out requests promptly.”

Specifically, you must be able to process opt-out requests for at least 30 days after you send your message AND you have to honor an opt-out request within 10 business days. (Luckily, platforms like HubSpot take care of that immediately if they use the system’s unsubscribe page.)


You must NOT:

  • Charge a fee for unsubscribing
  • Ask for any personally identifying data other than an email address
  • Require the end-user to take any step beyond sending you a reply email or visiting a single landing page in order to honor their opt-out request

We don’t think you’d do this, but we feel compelled to also mention that you can’t sell or transfer the email addresses of opted-out recipients (not even a mailing list!).

We also encourage you to meet the standards of Article 15 of the GDPR, which directs you to make accessible information on what, when, where, why and how you’re using someone’s personal data.

Now that you know all about graymail, you’re ready to take on the world and get explicit opt-ins from all your current and future contacts. Good luck!

DISCLAIMER: We’re pretty smart tech marketers, but lawyers we are not. 👩‍⚖️ For that reason, we’re obligated to tell you that the legal information in this blog is not intended to be taken as legal advice. You may neither rely on this document as legal advice nor as a recommendation of any legal understanding.


Interested in even more legal compliance stats and strategies? Download our free “Marketing Legal Compliance in the Real World" report to see how your compliance tactics stack up against other tech and software companies.

Download "Marketing Legal Compliance in the Real World"