diff --git a/app/controllers/users/sessions_controller.rb b/app/controllers/users/sessions_controller.rb
index 7222587ed..1d5e49100 100644
--- a/app/controllers/users/sessions_controller.rb
+++ b/app/controllers/users/sessions_controller.rb
@@ -92,6 +92,8 @@ class Users::SessionsController < Devise::SessionsController
       # redirect to root_path otherwise
 
       if instructeur_signed_in?
+        current_user.update!(email_verified_at: Time.zone.now)
+
         redirect_to after_sign_in_path_for(:user)
       else
         redirect_to new_user_session_path
diff --git a/app/mailers/instructeur_mailer.rb b/app/mailers/instructeur_mailer.rb
index 2499af188..7e971b9bd 100644
--- a/app/mailers/instructeur_mailer.rb
+++ b/app/mailers/instructeur_mailer.rb
@@ -36,6 +36,8 @@ class InstructeurMailer < ApplicationMailer
     @login_token = login_token
     subject = "Connexion sécurisée à #{Current.application_name}"
 
+    bypass_unverified_mail_protection!
+
     mail(to: instructeur.email, subject: subject)
   end
 
diff --git a/spec/controllers/users/sessions_controller_spec.rb b/spec/controllers/users/sessions_controller_spec.rb
index 7aead2f16..e4fde9b2f 100644
--- a/spec/controllers/users/sessions_controller_spec.rb
+++ b/spec/controllers/users/sessions_controller_spec.rb
@@ -217,6 +217,7 @@ describe Users::SessionsController, type: :controller do
           it { is_expected.to redirect_to root_path }
           it { expect(controller.current_instructeur).to eq(instructeur) }
           it { expect(controller).to have_received(:trust_device) }
+          it { expect(controller.current_instructeur.user.email_verified_at).not_to be_nil }
         end
 
         context 'when the token is invalid' do
diff --git a/spec/mailers/instructeur_mailer_spec.rb b/spec/mailers/instructeur_mailer_spec.rb
index fe790ed46..db53e6282 100644
--- a/spec/mailers/instructeur_mailer_spec.rb
+++ b/spec/mailers/instructeur_mailer_spec.rb
@@ -24,6 +24,8 @@ RSpec.describe InstructeurMailer, type: :mailer do
     let(:token) { SecureRandom.hex }
     subject { described_class.send_login_token(user, token) }
 
+    it { expect(subject[BalancerDeliveryMethod::BYPASS_UNVERIFIED_MAIL_PROTECTION]).to be_present }
+
     context 'without SafeMailer configured' do
       it { expect(subject[BalancerDeliveryMethod::FORCE_DELIVERY_METHOD_HEADER]&.value).to eq(nil) }
     end