No one likes to open their email inbox and find spam: it may be better to find nothing at all. To prevent those nasty spam messages from reaching your inbox, email service providers (ESP) such as Gmail, Office 365, etc. have tightened restrictions for their users, when they receive email from outside mail servers. (Gmail.com to gmail.com versus dundee.net email to Gmail.com)
Great idea or not? It may be however, some emails, such as a reset password email sent from a WordPress site travels through the server it is hosted on. If you are using a Gmail account, that WordPress email may or may not reach you.
How do you make sure these types of emails reach their destination?
Add Email authentication to the sending server which verifies it has the approval to send an email on behalf of the domain.
To understand how to accomplish this in WordPress you must understand why these emails are flagged as spam. WordPress uses PHP calls to send an email from the wp mail file. These emails are considered a transactional email and frequently lack the verification required to bypass the spam filters of most ESPs. To certify your transactional email, you must add DKIM, SPF and DMARC txt records in your DNS settings. DKIM will validate the message, essentially telling the ESP that the email is coming from an approved domain
The SPF record validates the server by informing the ESP’s that the domain’s server has the approval to send an email on behalf of the domain. These two text records authenticate the email as a legitimate email and will bypass the spam filters ultimately finding their way into your recipient’s email inbox. DMARC settings are not required but they are strongly recommended. They provide the instructions for the ESP to handle messages that fail the authentication process. Without DMARC emails can be lost into the void of the internet, never to be seen again.
How do you apply these DNS settings into your WordPress website?
The easiest way is to set this up using your cPanel or PLESK, however, if you use a third-party ESP such as Google or Mailing List Services (https://mailinglistservices.com) you will have to receive your SPF and DKIM from your ESP.
Your txt records are set properly, and your emails still fail to be delivered: Now what?
Most web hosting providers use shared web hosting. With shared hosting, all websites on the server use the same IP address. Websites on a shared IP may be blacklisted if spam is sent through that IP by any of the hosted websites sharing it. When emails aren’t making it through you can verify if the IP address is blacklisted by going to mxtoolbox.com.
Don’t know your server’s IP, no problem – use a command prompt (or terminal on Mac OS) to ping your domain. https://helpdeskgeek.com/help-desk/21-cmd-commands-all-windows-users-should-know/
Concerned about sharing your IP address?
Mailinglistservices offers dedicated IP addresses specific to your site for as little as $7.95.
Email may be a complicated matter however there are WordPress plugins dedicated to making this process easier. Of many plugins offered, Wp Mail SMTP by WPforms allows an existing email account to replace the wp email folder, therefore, the email appears as it is coming from a source other than the host server. User beware using a Gmail account for this purpose, you may find your account shut down without warning. Using a third-party service may be the best option for emailing with WordPress. Not only does it provide the proper DKIM, SPF and DMARC records, but you also have access to reporting features which is critical to check the status of an email. High-quality 3rd party ESPs such as Mailinglistservices.com can also provide an IP that is “warmed” helping the email recipients view that the email is coming from a trusted source.