Nothing obvious had changed on our side, but a few days later I found that Laposte.net would start rejecting mail that wasn’t authenticated or aligned. That little detail meant the difference between a polite hello and a hard bounce.
Email rules are shifting fast. In 2025, La Poste (France) announced a hard stance on aligned authentication.
A few weeks earlier, Yahoo announced it would absorb AT&T’s consumer domains, meaning messages for att.net, bellsouth.net, and their siblings now go straight through Yahoo’s filters.
Around the same time, the company asked senders to re‑enroll in its feedback loop or lose visibility into complaints.
It’s tempting to shrug these off as technical footnotes, but failing to keep up can cost you inboxes and revenue.
This article blends recent news with personal observations. I’ll walk through La Poste’s new rules, Yahoo’s changes, and the parts of an ISP playbook that every sender should keep.
Case study: La Poste’s authentication rules
In September 2025, La Poste (laposte.net) began enforcing a strict requirement: either a valid SPF record aligned with the From header or a DKIM signature aligned with the From domain.
EmailKarma explained that if the MailFrom address (the envelope sender) differs from the visible From address, Laposte treats SPF as “none”.
The same goes for DKIM: if the signature uses a different domain, Laposte treats it as unauthenticated. Only one aligned mechanism needs to pass, but misalignment means your message may be shunted to the Indésirables folder or rejected altogether.
This isn’t just for bulk email. The Word to the Wise post noted that most mail would be subject to the new rule.
That includes order confirmations, password resets and one‑to‑one messages. The logic is clear: if a message can’t be tied back to the sending domain, Laposte won’t trust it.
It’s a local version of Gmail and Yahoo’s earlier “No Auth, No Entry” stance, but with a uniquely French twist.
I recently worked with a boutique retailer in Paris whose transactional emails came from a shared “mailer” subdomain. Their marketing domain signed with DKIM, but their receipts did not.
When Laposte flipped the switch on September 9th, confirmation emails vanished. We spent a morning aligning the envelope and header domains and adding a DKIM signature to the transactional stream. The next test came through smoothly.
The lesson: small misalignments that go unnoticed elsewhere can be show‑stoppers on regional providers.
Case study: AT&T domains migrate to Yahoo & feedback loop changes
In June 2025 Yahoo’s Postmaster team announced that MX records for AT&T consumer domains (att.net, sbcglobal.net, bellsouth.net, etc.) would point directly to Yahoo.
Mail for these addresses no longer passes through AT&T’s servers – it is processed by Yahoo’s infrastructure. By early August, emailexpert reported that twelve of the thirteen AT&T domains showed Yahoo MX records.
The implication is simple but far‑reaching: treat your AT&T recipients as Yahoo users. If you had special rules for AT&T, retire them and follow Yahoo’s standards on authentication, complaint thresholds, and one‑click unsubscribe.
The routing change coincided with a shake‑up in Yahoo’s Complaint Feedback Loop (CFL).
Yahoo launched a new Sender Hub and required senders to re‑enroll by September 20, 2024, to continue receiving spam complaint reports. Those who signed up under the older ARF form would lose access after that date.
Complaint reports are vital for list hygiene: when a user clicks “This is spam,” participating mailbox providers send a copy of the complaint to the sender.
The M3AAWG explains that these reports help senders correlate the number of complaints per campaign with the number of messages sent. Without them, you’re flying blind.
I learned this through a difficult lesson with an alumni association. We were troubleshooting a spike in AT&T complaints when the data stream suddenly dried up.
It turned out our ESP hadn’t re‑enrolled in the new Yahoo loop. Once we registered the domains in Sender Hub and verified our DKIM signatures, the complaint data resumed.
The process was a hassle, but the renewed visibility meant we could identify a problematic newsletter and adjust our messaging before Yahoo throttled us.
Building your ISP playbook
Every mailbox provider has its quirks, but some themes repeat.
An ISP playbook is my binder of notes on each domain I send to regularly. It isn’t fancy – just a living document that helps me stay ahead of changes.
Here are the core elements:
- Authentication & alignment. Record the SPF, DKIM and DMARC policies for each sending domain. Note whether the provider requires alignment between the envelope and visible From domains. Laposte needs at least one aligned mechanism; Yahoo and Gmail expect both SPF and DKIM with DMARC in place. The M3AAWG checklist recommends publishing SPF records for the MAIL FROM domain, signing all messages with a domain matching the From header and rotating keys regularly.
- Complaint feedback loops. Keep track of FBL enrollment and credentials. For each ISP, note whether it uses IP‑based or domain‑based loops, which addresses you used and when you last renewed. FBLs are essential: they send copies of spam complaints in the Abuse Report Format (ARF) when users click the spam button. Monitoring the ratio of complaints to sends helps you gauge campaign performance.
- Routing & MX changes. Monitor your major domains for updates to MX records or routing policies. AT&T’s move to Yahoo is one example. I use a simple script to check MX records weekly and note changes. If a regional provider sells or outsources its mail platform, your existing deliverability rules may need to be updated.
- Volume & engagement thresholds. Most providers track bounce and complaint rates. M3AAWG’s recommendations note that hard bounce rates above five percent can signal list problems. Many providers, including Yahoo, expect complaint rates below roughly one per thousand messages. Keep an eye on how many messages you send per hour. New IPs may face throttling if you blast too many too quickly. Start slow and ramp gradually, watching bounce and complaint metrics as you go.
M3AAWG and industry best practices
M3AAWG is the industry group where mailbox providers, senders and security vendors share best practices.
Their Recommendations for Senders Handling of Complaints describe the building blocks of complaint management.
They define feedback loops as a mechanism that sends an Abuse Report Format (ARF) message back to the sender when a user marks mail as spam.
These reports are most useful when you correlate complaints to specific campaigns.
The document also suggests:
- monitoring “role accounts” like postmaster@ and abuse@ to catch direct complaints,
- watching popular block lists for listings,
- and using seed addresses to gauge inbox vs junk placement.
On the authentication front, M3AAWG’s best practice checklist for SPF, DKIM and DMARC recommends:
- publishing SPF records that authorise only needed IPs,
- aligning the return‑path domain with the From domain,
- signing all outbound mail with a matching domain,
- and setting DMARC policies to quarantine or reject rather than “none”.
They also remind senders to rotate DKIM keys and include reporting tags in DMARC records. These steps not only satisfy providers like Laposte but also protect you from spoofing and phishing.
Practical checklist
Here’s a condensed checklist I use before launching campaigns:
- Verify authentication. Use tools such as Word to the Wise’s aboutmy.email to check that your SPF and DKIM records pass and align with the visible From domain. Confirm that your DMARC policy exists and points to a monitored reporting address.
- Update your playbook. Record each provider’s requirements. For Laposte, note the September 9, 2025 alignment rule and examples of compliant headers. For AT&T, note that it is now part of Yahoo’s infrastructure and follow Yahoo’s complaint thresholds and one‑click unsubscribe guidelines.
- Re‑enroll in feedback loops. Check that you have active accounts in Yahoo Sender Hub and other FBL portals. If you enrolled before September 2024, re‑enroll via the new forms to keep receiving ARF reports.
- Monitor metrics by ISP. Track hard bounce and complaint rates separately for major domains. Hard bounce rates over five percent may signal list problems. Elevated complaint rates may indicate poor targeting or stale lists.
- Plan your sending volume. When warming up a new IP or domain, start with small volumes and increase gradually. Watch bounce and complaint metrics. If they spike, slow down. Use one‑click unsubscribe and clear opt‑out links to reduce complaints.
Bouncer: an ally for clean lists
Even with authentication aligned and feedback loops in place, your success still depends on the quality of your addresses.
This is where Bouncer can help. Bouncer is a cloud‑based platform that checks email addresses through a web app or an API.
It stops bad addresses at the door:
- Bouncer Shield blocks invalid or malicious addresses at the moment of entry.
- A Toxicity Check grades addresses on a scale, catching those tied to spam traps or complaint‑prone users.
- The Deliverability Kit lets you test inbox placement, verify your authentication and watch block lists.
- Data Enrichment adds publicly available company information to your CRM, while Email Engagement Insights show last open, click and reply dates so you can segment by activity.
Bouncer takes privacy seriously: uploaded addresses are anonymised and stored in EU data centres, and you can delete results on demand.
With near 100 percent uptime and a straightforward interface, Bouncer helps you keep your list healthy between campaigns.
Start for free now with 100 credits.
Conclusion
La Poste’s alignment rule and Yahoo’s absorption of AT&T domains show that regional and global providers alike are raising the bar on authentication and complaint handling.
If you ignore these changes, your messages may quietly slip into junk or bounce outright, even if they once landed without issue.
As a sender, staying ahead of provider requirements isn’t glamorous, but it pays dividends.
Keep your playbook current and audit your authentication. Don’t forget to renew your feedback loop enrollments and watch your metrics. Think of it as routine maintenance for your email program.
Do the work up front, and you’ll spend more time celebrating healthy engagement and less time chasing down vanished messages.
If you’d like help keeping your list tidy, Bouncer makes it easy to verify and enrich your addresses before you hit send. You can even get started at no cost and include free credits, and you can book a demo at any time.
Give it a try on a small segment and see how your bounce rate changes. Together with an updated provider playbook, a dedicated verification tool will put you on solid ground.
