Unsolicited bulk commercial email is an increasing problem, and though many states have passed laws aimed at curbing its use and abuse, for several years the federal government took no action. In 2003 that changed when Congress passed the CAN-SPAM Act. Though the law contains many different restrictions on spam messages, including some restriction of nearly every type that states had adopted, the Act was widely criticized as weak. Many of the CAN-SPAM Act’s provisions are weaker than corresponding provisions of state law, and the Act preempts most state spam laws that would go farther, including two state laws that would have banned all spam. Despite these weaknesses, this Comment argues that when properly interpreted the CAN-SPAM Act leaves key state law provisions in force, and accordingly is stronger than many spam opponents first thought. First, the law explicitly preserves state laws to the extent that they prohibit falsity or deception in any portion of a commercial electronic mail message or information attached thereto. Though Congress was primarily concerned with saving state consumer protection laws, this language can be applied much more broadly. Second, the law is silent on the question of state law enforcement methods. State enforcement can be, and frequently is, substantially stronger than federal enforcement, which is largely limited to actions by the federal government, internet service providers, and state agencies. The Comment concludes by arguing that this narrow interpretation of its preemption clause is most consistent with the CAN-SPAM Act’s twin policy goals. By limiting the substantive provisions states may adopt, the Act prevents states from enacting inconsistent laws and enforces a uniform national spam policy. At the same time, narrowly interpreting the preemption clause permits states to experiment within the limits of that policy, in hopes of finding the most effective set of spam regulations.