Is there a risk for our marketing dept to send an e-mail blast and point the picture to an external site that is attached to the e-mail verbage.

I'm not sure I understand your question, but CAN SPAM flags were raised regardless.

Here's what they are doing. Making the text on our bank's system, then loading all pictures on an external site, then pointing to that external site to get the picture and send the e-mail blast, looking like the e-mail comes from the bank. To me, if the last thing is getting the picture from the external site before sending, then, is the e-mail actually coming from the external site or our internal site?

I did ask the question to marketing, they believe it's ok to use the external site, even though the e-mail looks like its coming from the bank. I'm uncomfortable with the CAN-SPAM act provisions of the e-mail blast coming from an external site looking like it's coming from the bank.

Here's what they are doing. Making the text on our bank's system, then loading all pictures on an external site, then pointing to that external site to get the picture and send the e-mail blast, looking like the e-mail comes from the bank. To me, if the last thing is getting the picture from the external site before sending, then, is the e-mail actually coming from the external site or our internal site?

I did ask the question to marketing, they believe it's ok to use the external site, even though the e-mail looks like its coming from the bank. I'm uncomfortable with the CAN-SPAM act provisions of the e-mail blast coming from an external site looking like it's coming from the bank.

i forgot to login - wavewatcher

To me this sounds like a blatant violation of CANSPAM.

It sounds like you're saying the graphics are on an external site and will be shown on an HTML formatted message. So long as copyrights are not violated this is fine. but I would still be concerned with CAN SPAM rules. Remember there are technical requirements including
* Header cannot be false or misleading
* Subject cannot be false or misleading
* Cml email must contain an opt-out
* Identify it as an advertisement
* Incl. your physical address

But the requirements don't stop there. Unless you are familiar with the CAN SPAM rules and are either clearly not involved with them or compliant, I'd ask that a hold be placed here until a better understanding is obtained.

Thanks, I'll have to find out more information. Now they believe I'm holding up the process.

No, you are protecting their assets.