[nerdo]

CAN-SPAM is unenforced afaict. You can still take action against bad actors by signing up with old abandoned email address(es) though. ISP's will have converted them into spam traps and will subtract a higher amount from their sender reputation.

[legitster]

CAN-SPAM is still somewhat enforced. The problem is the type of spam it targeted is now sent from foreign bad actors and there's not much they can do to enforce it.

[deathanatos]

Is it?

E.g., recruiter spam, in particular. And I don't mean of the "are you interested in this job?" variety. I mean in the "can we hawk some candidates to you, that you can hire and they pay us for?" variety.

I am not involving in candidate sourcing in my company, period. These emails are directed to me, individually. Some claim to be American companies, and seem to have a "legit" web presence, if shady marketing tactics, and some seem to have no web presence and seem super shady, e.g., "we index heavily on the intangibles/DNA of a candidate; their Intelligence (EQ/IQ)". No mailing address, no unsubscribe link, no prior consent, all of which TFA claims CAN-SPAM requires.

"Survey" requests (American, no unsub link, no mailing address in email, no prior consent), "zero trust cloud access" company (American, no mailing address in email, no prior consent), … etc.

[legitster]

CAN-SPAM doesn't actually require prior consent. But if you are getting bulk email without a mailing address or unsubscribe link and the company is based in the US you can definitely report it.