WordPress and emails – the ultimate guide

A WordPress website that cannot send emails is a security risk. For you as the operator of your website, for the internet in general and if you are a web designer, you also have a liability risk towards your customers.

Therefore, make sure that your website and your customers' websites can send emails reliably and securely.

In this guide, I'll not only show you the solution, but also explain the technical background as to why emails and WordPress often don't work together as harmoniously as they should.

TLDR; Scroll directly to the solution if emails from WordPress are not arriving. No matter which plugin you use (WPForms, Contact Form 7, NinjaForms, GravityForms) - this solution is guaranteed to work for every contact form.
Emails from WordPress not arriving?
The solution in the ultimate guide.

Why WordPress MUST be able to send emails

WordPress is installed quickly. In my experience, one thing that is often overlooked during the setup process is ensuring that emails are sent correctly. In the “good old days”, the delivery of emails via PHP usually worked out-of-the-box.

Without extra settings.

But those days are (unfortunately) over. Spammers quickly realized how they could earn money by sending masses of emails and so the familiar and annoying cat-and-mouse game began.

Security functions for emails such as SPF, DMARC and DKIM are intended to stem the flood of spam, but also cause lasting headaches for website operators and administrators.

Many web designers are not familiar with these DNS entries and persistently ignore these security functions.

However, WordPress MUST be able to send emails reliably and quickly.

Yes, you MUST. Because it’s about the security of your website, your customers’ websites and the security of the internet in general.

WordPress must be able to send these emails:

  • The password reset email – without emails from WordPress, your website users won’t be able to reset their password. Who do you think users will contact each time? Personally, I don’t fancy having to constantly reset passwords for customers…
  • Information about automatic updates or errors that have occurred during automatic updates. You definitely want to know this and you should not ignore updates under any circumstances.
  • Security information about newly added users on the website. This way, you will immediately recognize if your WordPress has been hacked.
  • Notifications about activities such as new comments.
  • Order confirmations and invoices from your WooCommerce online store for your customers as well as information on expiring subscriptions and memberships if you run a community.
  • Information from the firewall about necessary security updates or suspicious activities on your website.
  • 2-factor emails, if you have secured the login accordingly (which I can only recommend!).

A note to all web designers

Are you a web designer? and create websites for clients? Then you should make sure that the customer websites you have installed can send emails in any case.

After all, it is part of your duty of care as a web designer to ensure that the website you have created functions properly. And, as listed above, sending emails is important, necessary and, above all, security-relevant.

Therefore, be sure to add the item “Check email delivery” to your personal go-live checklist. If you are responsible for the ongoing maintenance of your customer’s website, you should also regularly check whether the customer’s website can still send emails.

How to test whether WordPress sends and receives emails

It is often not clear whether WordPress itself cannot send emails or whether it is simply a plugin that is stuck. This is because some store plugins or contact forms use their own methods to send emails.

However, you can use the “Forgot password” function to quickly find out whether WordPress sends emails itself.

Reset WordPress password
The “Forgot password” function of WordPress

Select the “Forgot password” function in the backend login and enter your email address. If you receive a message from WordPress shortly afterwards, then you know that the problem is not with WordPress itself. It’s due to a plugin.

Is no message arriving? Then also check your spam folder, as emails from WordPress often end up directly in the spam folder.

Why is that so? Read on….

Emails from WordPress end up in the spam folder

Sometimes emails are sent by WordPress but end up in the spam folder. “Strict hosters” such as Gmail or GMX do not deliver the emails at all and delete them directly without notifying you.

This is often due to an incorrect “return path” in the e-mail header.

An e-mail message consists not only of a sender, recipient and content, but also other data. These are transmitted in the email header.

Among other things, there is the so-called “return path”, often also called the envelope. This is set by the web server and often does not match the sender of the email, as you can see here:

E-mail header: the return path
The header of an e-mail with return path

The return path and the sender (“From:“) do not match, as the return path points to the web server and not to the sender domain.

The spam filter therefore believes that the email is fake and marks it as spam or does not deliver it at all. The major freemail providers in particular, such as Gmail or GMX, do not even accept such emails and reject them.

E-mails from WordPress not arriving at all?

If you don’t receive any emails from WordPress, this may be due to the problem with the return path described above, but it may also simply be because your host is sloppy with the web server and does not allow the PHP function “mail()” or Sendmail is not configured correctly.

In this case, I recommend that you contact the hoster and change if necessary ;-). Here you can find a comparison between my two favorite hosters.

Until the time comes and you switch to a quality hoster*, you can also use the following solution.

Why emails are not being sent and delivered by WordPress

Most WordPress plugins and WordPress itself use the wp_mail() function to send emails. This function formats the message and passes it by default to PHP’s “mail()” function, which passes the message to the sendmail service. This is responsible for delivery.

On a less technical level, your web server sends the message to the recipient:

How to send WordPress emails
How to send WordPress emails

However, as mentioned above, this can lead to a few problems:

  • The mail() or sendmail function must have been configured correctly by your hoster.
  • SPF (Sender Policy Framework) must be set correctly in the DNS, otherwise the message will be rejected by the recipient.
  • The return path (envelope) of the message must match, otherwise it will be rejected by the spam filter.
  • If your email domain is protected with DMARC and DKIM, the message will also be rejected because emails sent via PHP’s mail() function usually do not have a valid DKIM signature.

You could now work with your host to ensure that you configure SPF, DKIM and DMARC correctly for the web server. However, this is usually not necessary, as this has (hopefully :-) ) already been done for the mail server.

We therefore no longer send e-mails from the web server but via your hoster’s e-mail server:

Sending emails from WordPress via SMTP server
Sending emails from WordPress via SMTP server

The message is then correctly signed with your DKIM key, the SPF entries match the email server and the DMARC entries are unemployed.

The message fulfills all technical requirements and should land in the inbox of your recipients without any problems.

I’ll now show you how to persuade WordPress to send all emails via your host’s email server.

Kennst du schon das Business-Membership für alle WordPress-Professionals?

Emails from WordPress are not arriving – the solution!

With the FluentSMTP plugin, you can have a detailed influence on how WordPress sends messages.

Whether WordPress, WPForms, Contact Form 7, NinjaForms, Gravity Forms or other contact forms. If emails are not arriving, follow these instructions.

The setup consists of 4 simple steps:

Step 1: Install FluentSMTP

First install the plugin under Plugins > Add new plugin. Search for “FluentSMTP” and click “Install now” and then “Activate“.

The FluentSMTP plugin
The FluentSMTP plugin

Step 2: Set up a mailbox for sending e-mails

Create a separate email inbox for sending emails with WordPress, e.g. noreply@deine-domain.com. You only use this mailbox to send emails. (I’ll explain why this should be the case in a moment).

You can create the mailbox in your hoster’s control panel.

Step 3: Configure FluentSMTP

Select theOther SMTP” option under Settings > FluentSMTP.

Configure FluentSMTP
Configure FluentSMTP

If you use Office365 or Google, select the corresponding option.

Enter your sender address, your name and the SMTP access data for your hoster. You can find these in the control panel or on the help pages of your hoster.

SMTP settings
SMTP settings

You should make the following settings:

  • From Email: enter the email address created in step 2 here, e.g. noreply@deine-domain.com
  • From Name: your desired sender name.
  • Force From Email, Force Sender Name: my recommendation is to activate these options. Because then you ensure that any incorrect settings are overwritten by WordPress plugins.
  • Set the return-path: activate. This is because FluentSMTP adjusts the return path.

Theoretically, you could already send emails now, because the return path matches the sender. The message would be more likely to be passed by spam filters than without this setting:

E-mail with correct return path
E-mail with correct return path

But: we want 100% deliverability. The following settings are therefore important:

  • SMTP Host: the address of your e-mail server.
  • SMTP port: depending on the settings for encryption, e.g. 465, 25 or 587.
  • Activate encryption in any case, otherwise the password of your e-mail box will be transmitted in plain text. Whether SSL or TLS depends on your hoster.
  • Auto TLS and authentication should be activated in any case.
  • SMTP Username and SMTP Password: Enter the data from step 2 here.

Then save the settings.

Step 4: Test the FluentSMTP settings

You can then send a message to yourself under “Email Test“:

Send yourself a test message
Send yourself a test message

This should arrive after a few minutes; if not, you will immediately see the error message. Then the settings for SSL/TLS or username/password are probably incorrect.

Also try resetting your password. The e-mail message should now arrive reliably and quickly.

An important note

The username and password you enter are stored in the WordPress database. If your WordPress is hacked, the attacker also has access to your email account and all the emails it contains.

So be sure to create your own account for sending e-mails as described above and never use your usual e-mail account!

If you feel confident, you can also save the user name and password in the wp-config.php file:

Save access data in wp-config.php
Save access data in wp-config.php

This protects the access data to the mail server somewhat better from hackers and other WordPress admins.

Further functions of FluentSMTP

I prefer the FluentSMTP plugin because it offers some functions free of charge that are only available in the paid Pro version of other plugins.

For example:

  • WordPress email logs: you can immediately see all emails that have been sent by WordPress (or a plugin) in the corresponding tab. This is super useful if orders don’t arrive or you want to prove that an email has been sent.
  • Notifications and statistics: you can be informed about the number of emails sent and also receive notifications via Slack or Discord in the event of problems.
  • Fallback connection: you can store a second dispatch mailbox. If a message cannot be sent, it is automatically sent via this alternative mailbox (or a completely different e-mail service).
  • Disable email sending: super useful on staging systems or when you’re testing something. You can deactivate the sending of all emails from WordPress in a central location.
  • Ad-free and without a pro version: the creators of FluentSMTP use the plugin themselves and make it available free of charge – as a thank you to the community.

How to reliably send & deliver emails from WordPress

If you have set up FluentSMTP correctly, messages from WordPress will no longer be sent from the web server, but via your hoster’s email server.

Even particularly strict recipients such as Gmail, GMX or Office365 can be persuaded to cooperate and messages arrive reliably again.

For me, FluentSMTP is part of my standard setup and I check again after the go-live whether WordPress can send emails correctly.

Sending emails from WordPress still not working reliably?

Then please leave me a comment.

Further questions about sending emails with and from WordPress

How to send WordPress emails?

WordPress itself uses the internal function wp_mail to send emails.
These are usually sent directly via PHP. However, some hosters do not allow this and others are configured incorrectly.
Emails therefore do not arrive reliably if they are sent in this way.

What is SMTP?

SMTP is the protocol used to send e-mails and stands for Simple Mail Transfer Protocol. This is the language that your WordPress uses to talk to the mail server and tells the mail server that an email is to be sent.

What is an SMTP plugin for WordPress?

An SMTP plugin such as FluentSMTP intercepts emails that are sent via the WordPress function wp_mail and forwards them to an email server via SMTP. This means that the email is no longer sent by PHP or the web server and emails from WordPress reliably reach the recipient again.

Why don't you use WP Mail SMTP?

The WP Mail SMTP plugin was my SMTP plugin of choice for a long time, but then started aggressively advertising the Pro version of the plugin. So I looked around for alternatives that are free and offer more functions.
I found what I was looking for with FluentSMTP: free, fallback server, email logs, statistics and outage notifications are not offered by WP Mail SMTP.

How do I send a test email in WordPress?

In the simplest case, use the reset password function when logging in.
You should then immediately receive an e-mail. Alternatively, you can use the test function built into FluentSMTP.

WordPress is not sending emails – what can I do?

If WordPress is not sending emails, this could be due to a problem with the hosting server or the email settings.
First check the server settings to make sure that the server can send emails.
Some hosters do not allow this or only with special settings.
You can also install an SMTP plugin such as “Fluent SMTP” to improve and test email delivery.
Also check that DMARC, SPF and DKIM are configured correctly and that your emails are not ending up in spam folders.

Picture of Michael
Hi, I'm Michael Baierl and I'm a WordPress programmer from Vienna, Austria. In my WordPress community - the Website Heroes - web designers will find everything they need to create great websites for their customers and be financially successful: regular training, exchange, feedback, quick problem solving and co-working. Come and visit us now.

Content

Comments

Leave a Reply

Your email address will not be published. Required fields are marked *