← Back to Blog

Eligibility April 13, 2026 · Gary Vogt · Updated June 10, 2026

Cold Outreach via SMS: Why TCR Treats Purchased Lists as an Automatic Rejection

A client brings you a list of 30,000 prospects they bought from a data broker. They want to text "just a quick intro" message to every one of them through your GoHighLevel setup. They're paying for the campaign. They say they'll take the liability.

Register that A2P 10DLC campaign honestly and you will be rejected. Not warned, not delayed. Rejected. And a record of rejected campaigns under that brand invites closer scrutiny and slower approvals on everything you register after.

Here's what TCR is looking for, why purchased-list cold texting is on the short list of categories they treat as permanently ineligible, and what actually works as a legitimate alternative.

The rule, in one sentence

Lead generation using purchased, rented, shared, or brokered contact lists is a forbidden category under A2P 10DLC. No matter how the message is worded.

This isn't a "soften the language and resubmit" situation. Third-party lead generation sits alongside cannabis, payday loans, gambling, and other categories on the forbidden list — categories that cannot register for 10DLC under any circumstances. The rule is enforced both through keyword detection and human review.

Why TCR treats it as auto-reject

Under the Telephone Consumer Protection Act (47 U.S.C. § 227), sending marketing SMS without prior express written consent from the recipient is illegal. When you text someone from a purchased list, that recipient never consented to hear from your sender. They consented (at best) to hear from whoever originally collected the data. Not from the company now texting them.

Worth a quick note on the regulatory landscape: the FCC's "one-to-one consent" rule, which would have explicitly required consent be specific to each individual seller, was vacated by the 11th Circuit in January 2025 and never took effect. But the underlying TCPA written-consent requirement still applies, and TCR's purchased-list ban for A2P 10DLC is a separate carrier-level rule that wasn't affected by the court ruling.

Purchased-list SMS generates:

• High spam complaint rates (recipients flag or block unfamiliar senders)
• Carrier-level filtering (once complaints climb, the number gets blocked)
• TCPA lawsuits (statutory damages run $500 per violation, up to $1,500 if willful)
• Brand reputation damage (carrier-side filtering and scrutiny that follows the brand into future campaigns)

TCR's approval criteria require that every recipient of a campaign opted in through a consent mechanism documented in your campaign description. A purchased list can't satisfy that requirement by definition.

How TCR detects purchased-list campaigns

TCR reviewers (and the automated screening layer) look at your campaign description and your sample messages for patterns that signal cold outreach. These are the most common red flags.

Red-flag phrases in campaign descriptions

• "We reach out to prospects"
• "We contact leads we've acquired"
• "Customers are sourced from our marketing partners"
• "Leads are obtained through third-party providers"
• "We purchase targeted lead lists"
• "Cold outreach campaign"

If any of these appear in your description, rejection is nearly automatic. Reviewers read "reach out," "cold outreach," or "we contact" as prospecting language incompatible with opt-in.

Red-flag patterns in sample messages

• "Hi [Name], I saw your business and wanted to introduce…"
• "Hi, my name is [X] from [Company]. We help businesses like yours…"
• "Quick question, are you still looking for…"

These are textbook cold outreach openers. Zero recipients of a real opt-in campaign would receive a message phrased like an unsolicited intro.

The missing-opt-in signal

Even without red-flag phrases, a campaign description that fails to name a specific opt-in method gets treated as suspected cold outreach. "Customers opt in" isn't specific enough. Reviewers want to see:

• "Customers opt in via the consent checkbox on our booking form at [URL]"
• "Patients opt in at the front desk by signing our SMS consent form"
• "Leads opt in through our website chat widget before receiving any SMS"

If you can't name the specific mechanism, the reviewer assumes there isn't one.

What does work for B2B outreach

GHL agencies whose clients are used to B2B prospecting sometimes ask: "What's the legal way to text cold leads?" Short answer: there isn't one inside the 10DLC framework. Long answer: you have three legitimate alternatives.

1. First-party lead magnets

Build the list yourself. A booking form, a quiz, a downloadable guide, a "get a quote" form, a chat widget, a calendar app. Any first-party capture mechanism where the lead voluntarily provides a phone number and checks the SMS consent box. That's the only list that can legally be texted under A2P 10DLC.

2. Email-first nurture to opt-in

Use the purchased list for email only (where CAN-SPAM applies, not TCPA, which is a lower bar). Email them a CTA that drives to a form with SMS consent. Once they opt in through that form, they're on your first-party SMS list.

3. Voice call, not SMS (with the right consent type)

TCPA rules for voice calls to non-consented numbers are different from SMS rules (and the do-not-call registry applies). A trained caller can qualify a lead and collect consent for follow-up SMS. Two important nuances:

• Verbal consent works for transactional/informational SMS (appointment reminders, account alerts, delivery updates). Carrier and TCR guidance confirms this when documented.
• For marketing SMS, the TCPA still requires express WRITTEN consent. Verbal alone isn't enough for promotional follow-ups. The caller would need to drive the lead to a written opt-in form (text-back keyword, web form, etc.) before sending any marketing content.

Document the consent and record the call per your state's two-party consent laws.

What if my campaign description looks like cold outreach but isn't?

This is where most agencies get burned. Your client has a legitimate opt-in flow (booking form, patient intake, referral partner agreement), but the way they describe the business sounds like prospecting. "We reach new customers." "We grow our client base." "We connect with leads."

Fix the language. Even accurate business descriptions can trip the auto-rejection filter if they use prospecting verbs without naming the opt-in gate. Be specific.

The second version passes review consistently in my experience. Same business, different framing.

The 90-second pre-submit check

Before registering any A2P 10DLC campaign, copy your campaign description and every sample message and scan for:

• "Reach out," "contact," "cold," "prospect" (red flag)
• "Leads we acquired," "targeted list," "marketing partners" (red flag)
• "Introduce ourselves," "quick question" (red flag)
• A specific opt-in method named (URL, in-store sign-up, chat widget) (good sign)
• "Existing customers" or "leads who opted in via [mechanism]" (good sign)
• Sample messages that read like responses to opt-in, not intros (good sign)