You’ve spent countless hours launching your site only to find that WordPress not sending email. One of the most important aspects for any website – especially a WordPress powered website – is for you to receive email notifications when certain actions are taken. For instance:
- Receiving an email when a contact form is submitted.
- Receiving an email when an order is created or updated.
- Customers receiving an order receipt.
- Receiving an event RSVP email.
There are plenty of obstacles in the way that would prevent the email from being received, so where do you begin? Below we’ll outline 4 steps to take when WordPress doesn’t send emails and help you re-capture those missing leads.
Step 1: Check. Your. Spam. Folder.
Seriously. Start here first. Even if you’ve already checked it. Check it again - I’ll wait.
If an email makes it all the way through to your phone or desktop, there’s one last line of defense: the spam folder. Sometimes it’s called junk, sometimes it’s called spam, but its purpose is the same: To check the message against the rules of the email client to determine the probability that it’s spam. WordPress emails are notorious for ending up the spam folder. Not sure where to find your spam folder? Enter your email client below (something like Outlook, Gmail, Office 365, Android, or iOS) and we’ll help you find it.
Step 2: Check The Blacklists
Even well intentioned emails can find themselves on a blacklist.
If you’ve got something mis-configured or you or someone else on your server are sending spam, it’s possible that your entire web server has gotten added to a blacklist.
Blacklists are generally well intentioned: They keep track of servers known to send large volumes of spam messages, and make their naughty lists available for email servers who trust their data. Any mail server that checks against that blacklist may reject your message and opt to not deliver it.
Being on any blacklist is bad, m’kay? You don’t know which mail servers check against that particular blacklist and who then might not be receiving your emails. You’ll end up with some people who can receive your emails and some who can’t depending on whether they check against the blacklist that you’ve been found on.
Not sure if you’re on a blacklist? Enter your domain name below and we’ll help you find out.
Step 3: Check Your SPF Record
How do spam filters know you are who you say you are?
SPF stands for sender policy framework and it lets “the world” know which servers are allowed to send email on behalf of your domain. For instance, if you’re an Office 365 (or other cloud email provider) user, you would already have an SPF record that allows those servers to send mail on behalf of your domain. The SPF record shows up as a “TXT” record on your domain and begins with “v=spf1”.
There’s one situation where an SPF record may not be needed (though it won’t hurt to have anyway): If you’ve ever hosted your website on a shared hosting plan, you’ll recall all the bells and whistles they throw at you: Unlimited storage, unlimited bandwidth, and free email. When your email and website are both on the same server and resolve to the same IP address, it’s obvious to a spam filter that your website is authorized to send email on behalf or your domain. Once your email and website are provided by different companies (which is preferred), the SPF record is a necessity.
The point of all this is that your SPF record must specifically allow your website to send mail on behalf of your domain. If it doesn’t, you’ll fail any spam checks right out of the gate. So what should a valid SPF record look like?
If you have no SPF record in place, creating a new TXT record on your domain with the following value would be an EXCELLENT place to start:
v=spf1 mx a ~all
This SPF record allows all messages originating from the “MX” record on your domain (which approves any mail server you’re using) as well as any “A” record on your domain (which approves your website). The “~all” flag tells the recipient mail server that in the event the SPF check fails, allow it to be delivered but flag it as spam. If you’re confident in your SPF record, you can change this flag to “-all” to have the recipient mail server discard the message entirely rather than flag it as spam for the recipient.
Now, let’s say you’re using Office 365 as your cloud email provider. Your SPF record would need to look more like this:
v=spf1 mx a include:spf.protection.outlook.com ~all
This SPF record works the same way as the one above, but also allows the server found at “spf.protection.outlook.com” to send mail (which approves the Office 365 mail servers to send your normal email).
So how do you know what your SPF record looks like and if it’s valid?
Step 4: Validate Contact Form
Are you who you say you are?
The default configuration of WordPress will attempt to send mail directly from the web server by looking up the mail server associated with the “to” address on the email, connecting directly to it, and delivering the message. Easy peasy.
What happens to the message next? The destination mail server runs through any checks it’s configured to do to determine if the message is valid (to address looks good, from address looks good) and whether or not it looks like spam. As part of the spam check, any mail server worth its salt will look at the “from” address on the message and look up the SPF record (covered above) for that domain to determine which servers are authorized to send mail on behalf of the domain contained in the email address.
Let’s walk through a real example here: A visitor named Jane Doe with email address [email protected] fills out the contact form on your website to inquire about a product. The notification for the contact form is set up to send the message like this:
What is the result of the SPF check? Failure. Your website is not authorized to send mail on behalf of “businessmail.com”. What happens next depends on a lot of factors. Best case: The message gets delivered but flagged as spam for you to stumble across later. Worst case: The message is discarded entirely and you lost a valuable lead.
So how should the contact form notification be configured? Email should always come FROM a domain that your website is authorized to send email for. In this case, it should look like this:
In this case, we send mail from an email address at our domain ([email protected]) but set the “Reply-To” to the person who filled out the contact form so that when you click “Reply”, the to address is correctly populated to go back to Jane rather than who the message indicated it was from. So you’re setting the from address to an email address on your domain to get it through any spam filters, but setting the reply-to address to the actual user so that it’s easy to reply back to them.
Uh Oh. What Next?
What if you're still not getting mail?
Going through the four steps above gives you the best possible opportunity at WordPress successfully delivering the email. However, email is a fickle beast and there are other things that can cause problems.
If you’ve gone through the steps above and are still having problems, you should definitely do step one again and make sure the mail isn’t getting delivered properly but put in your spam folder. If that’s not it, there are some other options to try:
- Are you using any sort of third party spam filtering service? For instance, we’ve seen a lot of issues getting valid emails past Barracuda Spam Firewalls. If so, you may need to check the rules in place with that third party filter and add exclusions/whitelists there.
- Is it possible for you to create a new email account specifically for your website to use to send email? For instance “[email protected]” or “[email protected]”. If so, you can utilize any WordPress SMTP plugin to connect to that server and send mail as the new user.
Need Some Help?
As part of our free website migration, we check your email configuration and make any changes necessary to keep your email flowing. Interested in having your emails working again on the fastest managed WordPress hosting?Get Started