If you’ve ever wondered why customers say they never received your email reply, or why contact form submissions seem to vanish, you’re not alone. WordPress email deliverability is one of the most common — and most overlooked — problems affecting UK business websites.

By default, WordPress sends emails using PHP’s built-in mail() function. This is like posting a letter without a return address — it works sometimes, but email providers increasingly treat it as suspicious. On shared hosting, your emails leave from the same IP as hundreds of other sites, including those sending spam.

The solution is SMTP (Simple Mail Transfer Protocol): instead of sending emails directly from your server, route them through a dedicated email service. Popular options include SendGrid, Postmark, Mailgun, and Amazon SES. These services maintain clean sending reputations and handle authentication properly.

Email authentication is essential: SPF

Tells receiving servers which IPs can send email for your domain. DKIM (DomainKeys Identified Mail) adds a cryptographic signature proving the email hasn’t been tampered with. DMARC ties them together with a policy for handling failures.

Frequently Asked Questions

Why do WordPress emails go to spam?

WordPress emails land in spam for three main reasons: shared IP reputation (on shared hosting, your emails leave from the same IP as hundreds of other sites including spam senders — email providers judge your messages by the company you keep), missing authentication records (SPF, DKIM, and DMARC not configured or misconfigured for your sending domain), and PHP mail() function use (WordPress’s default mail method sends without authentication, which major providers increasingly treat as suspicious). The solution is either native Postfix on a dedicated IP with proper authentication records, or SMTP relay through a dedicated transactional email service.

What is SPF and does my WordPress site need it?

SPF (Sender Policy Framework) is a DNS TXT record that declares which mail servers are authorised to send email for your domain. Without SPF, receiving mail servers have no way to verify that an email claiming to be from your domain was actually sent by your server — making it indistinguishable from a spoofed email. WordPress transactional emails (order confirmations, contact form replies, password resets) need SPF configured for your sending domain to achieve reliable inbox delivery. SPF alone is not sufficient — DKIM and DMARC are also needed for comprehensive authentication.

What is the difference between WordPress email using PHP mail() and SMTP?

PHP’s built-in mail() function sends email without authentication using the web server’s local mail transfer agent. On shared hosting, this means emails leave from a shared IP with no cryptographic signature — major providers (Gmail, Outlook, Yahoo) increasingly filter or reject these. SMTP sends email through a properly authenticated mail server with SPF and DKIM signing, providing the cryptographic proof that email providers require for reliable inbox delivery. Either your hosting provider’s native SMTP (such as WP Pro Host’s Postfix with dedicated sending IPs) or a third-party SMTP relay service (Sendgrid, Mailgun, Postmark) provides this authentication.

How do I fix WordPress WooCommerce order confirmation emails not being received?

Diagnose in order: send a test email via WooCommerce > Settings > Emails and check whether it arrives in inbox or spam. Check the email headers of a received message for SPF and DKIM authentication results (look for “pass” or “fail” in Authentication-Results headers). Verify SPF and DKIM DNS records are configured using MXToolbox. If using PHP mail(), switch to SMTP via a plugin like WP Mail SMTP or FluentSMTP. If SMTP is already configured, check that the sending domain matches the From address and that DKIM keys are published correctly. Test with Mail-Tester.com for a comprehensive deliverability score and specific recommendations.

Should I use an SMTP plugin or native server email for WordPress?

Native server email via a properly configured Postfix installation on a dedicated or isolated sending IP is the most reliable approach for transactional email — it provides full control, no external service dependency, and no per-message costs. SMTP relay through a dedicated transactional email service (Sendgrid, Mailgun, Postmark) is a strong alternative that outsources IP reputation management and provides delivery analytics. PHP’s built-in mail() function on shared hosting is the least reliable option and should be replaced for any business-critical transactional email. On WP Pro Host, native Postfix with pre-configured authentication means WordPress transactional emails are deliverable without additional plugin configuration.