WordPress's default email uses PHP mail(), which sends unauthenticated email that frequently goes to spam. Fix: install WP Mail SMTP plugin, connect it to a proper SMTP service (Brevo free tier for small sites, SendGrid/Mailgun for higher volume, Postmark for critical transactional). This routes all WordPress email through authenticated SMTP instead of PHP mail, improving deliverability from ~50% to 95%+.
WordPress Email via SMTP: Complete Setup Guide
The Problem
WordPress sends email using PHP's mail() function. This means:
- Email comes from your web server's IP address
- No SPF, DKIM, or DMARC authentication
- Shared hosting IP is often blacklisted by other sites on the server
- Receiving servers flag it as spam
Result: contact form submissions never arrive, WooCommerce order confirmations go to spam, password resets are unreliable.
The Fix: WP Mail SMTP + External Service
Step 1: Install WP Mail SMTP
- WordPress Dashboard → Plugins → Add New
- Search "WP Mail SMTP"
- Install and activate WP Mail SMTP by WPForms
- Navigate to WP Mail SMTP → Settings
Step 2: Choose Your SMTP Service
| Your Situation | Service | Cost |
|---|---|---|
| Small blog, contact forms only | Brevo free | $0 (300/day) |
| Medium site, 1K-10K emails/mo | SendGrid Essentials | $19.95/mo |
| WooCommerce transactional | Postmark | $15/mo |
| Already using Mailgun | Mailgun | Included in plan |
| Very low volume | Gmail/Google Workspace SMTP | Free (500/day) |
| Budget, easy setup | Brevo Starter | $9/mo |
Step 3: Configure in WP Mail SMTP
For Brevo (Easiest Free Option)
- Create a Brevo account at brevo.com
- In Brevo: Settings → SMTP & API → SMTP
- Get SMTP credentials (server, port, login, password)
- In WP Mail SMTP: select "Other SMTP"
- Enter:
smtp-relay.brevo.com, port 587, TLS, your Brevo login/password
For SendGrid
- Create SendGrid account, generate API key with Mail Send permission
- In WP Mail SMTP: select "SendGrid" mailer
- Enter your API key
- WP Mail SMTP handles the rest via SendGrid's API
For Mailgun
- Verify your domain in Mailgun
- Get API key from Mailgun Settings
- In WP Mail SMTP: select "Mailgun" mailer
- Enter domain and API key
For Postmark (WooCommerce recommended)
- Create Postmark account, get Server API Token
- In WP Mail SMTP: select "Other SMTP" or use Postmark-specific plugin
- Enter:
smtp.postmarkapp.com, port 587, your Server API Token
Step 4: Domain Authentication
Regardless of which service you choose:
- Add SPF include for your SMTP service to your domain's DNS
- Configure DKIM (follow your service's instructions)
- Publish DMARC record
- Verify all authentication passes
Step 5: Test
WP Mail SMTP → Email Test → Send test email to your personal address.
Check the headers: SPF pass, DKIM pass, DMARC pass. If all pass, WordPress email is now properly authenticated.
WooCommerce-Specific Setup
WooCommerce sends critical transactional email:
- Order confirmations
- Shipping notifications
- Password resets
- Account verification
These must reach the inbox. Use Postmark ($15/month) for the best transactional deliverability, or Brevo (free, includes transactional) for budget setups.
WooCommerce + Postmark
- Install WP Mail SMTP + configure Postmark
- All WooCommerce transactional routes through Postmark
- Marketing (Klaviyo, Mailchimp) remains separate
- Result: reliable transactional delivery isolated from marketing
Common Mistakes
Using "From" address that doesn't match your domain. If your WordPress sends from [email protected] but your SMTP authenticates for yourdomain.com, this should work. If it sends from a @gmail.com address, authentication fails.
Not configuring DNS. Installing WP Mail SMTP + connecting a service isn't enough. You must add SPF and DKIM records to your domain's DNS for proper authentication.
Using shared hosting SMTP. Some guides recommend using your host's SMTP (mail.yourdomain.com). This is barely better than PHP mail() — the shared hosting IP reputation is usually poor.
Practitioner note: For WooCommerce stores, this is the first infrastructure fix I make. An ecommerce store where order confirmation emails go to spam is losing money on every order. WP Mail SMTP + Postmark takes 15 minutes to set up and immediately fixes the problem. It's the highest-ROI 15 minutes you can spend.
Practitioner note: If you're using a page builder or membership plugin that sends email (Elementor forms, MemberPress, LearnDash), those also route through PHP mail() by default. WP Mail SMTP catches everything — all WordPress email, regardless of which plugin triggers it.
If you need WordPress email infrastructure set up correctly, schedule a consultation.
Sources
- WP Mail SMTP: Documentation
- WordPress: wp_mail Function
v1.0 · March 2026
Frequently Asked Questions
Why does WordPress email go to spam?
WordPress uses PHP's mail() function by default, which sends email from your web server's IP without proper authentication (no SPF, no DKIM). Receiving servers see unauthenticated email from a shared hosting IP and filter it to spam. SMTP routing fixes this by sending through an authenticated email service.
What is WP Mail SMTP?
WP Mail SMTP is the most popular WordPress plugin for routing email through external SMTP services. It replaces PHP mail() with authenticated SMTP sending. Free version supports all major providers. Pro version adds logging, email tracking, and backup connections.
Which SMTP service should I use with WordPress?
Small sites (<1K emails/month): Brevo free (300/day). Medium sites (1K-10K): SendGrid Essentials ($19.95/mo) or Mailgun Foundation ($35/mo). WooCommerce stores: Postmark for transactional ($15/mo) + your marketing ESP. Budget option: Gmail/Google Workspace SMTP (500/day limit).
Can I use Gmail SMTP for WordPress?
Yes, for low volume. Google Workspace allows 500 emails/day via SMTP. For contact forms and occasional notifications, this is sufficient. For WooCommerce order emails or high-traffic sites, use a dedicated service.
Do I need this if I use a marketing ESP?
Yes. Your marketing ESP (Klaviyo, Mailchimp) handles marketing campaigns. But WordPress itself sends emails: contact form submissions, password resets, WooCommerce orders, plugin notifications. These use PHP mail() by default and need SMTP routing separately.
Want this handled for you?
Free 30-minute strategy call. Walk away with a plan either way.