Laposte Tightens Email Authentication Rules

Laposte.net is raising the bar for email authentication. Starting Tuesday, September 9th at 9am CEST (GMT+2), their anti-abuse team will enforce rules for emails missing proper authentication. Messages without valid SPF, DKIM, or DMARC will start to land in the spam folder (or as they say in France, Indésirables), and risk outright rejection.

This update goes beyond simply publishing SPF or DKIM. Alignment with the visible From domain (RFC5322.From) is now required. If your MailFrom (RFC5321) domain differs from your Header From, Laposte.net will treat SPF as “none.” If your DKIM signature uses a different domain, Laposte.net will also treat it as “none.” Senders routing through shared domains face the same problem: non-aligned and effectively unauthenticated.

The good news: only one authentication solution needs to pass and align. You can meet Laposte’s requirements with either a properly aligned SPF record or a DKIM signature that matches your From domain. If multiple DKIM signatures exist, just one aligned signature is enough.

Example of a compliant header (passes and aligns):

From: Marketing email@mail.example.com
Mail-From: email@mail.example.com
DKIM-Signature: d=mail.example.com; s=2025; …

In this example, both the Mail-From and the DKIM signing domain match the visible From domain. Alignment is satisfied, and the message will authenticate.

Example of a compliant header (only DKIM aligns):

From: Marketing email@mail.example.com
Mail-From: bounce@shared-mailer.net
DKIM-Signature: d=mail.example.com; s=2025; …

In this case, the Mail-From domain does not align, but the DKIM signature matches the From domain. Laposte.net will treat this as authenticated and compliant.

Example of a failing header (treated as “none”):

From: Marketing email@mail.example.com
Mail-From: bounce@shared-mailer.net
DKIM-Signature: d=shared-mailer.net; s=default; …

Here, neither the Mail-From nor the DKIM signature aligns with the visible From domain. Laposte.net will treat this message as unauthenticated, leading to spam placement or rejection.

This policy highlights a growing global trend. Major mailbox providers are demanding stronger alignment to protect users from phishing and spoofing. Marketers and IT teams should review their authentication setups now, or risk deliverability issues with French audiences.

Are your emails aligned and ready for Laposte’s enforcement, or do you need to revisit your SPF and DKIM setup? You can check easily with Word to the Wise’s tools for email marketers at aboutmy.email.