Back in the old days, the Wild West days, anyone could send email claiming to be from whoever and receiving email systems would accept it. But the mind-boggling gamut of spam and scam email has made people suspicious. Many servers won’t let just any incoming email past the gate. They want to make sure it’s not spoofed, with a fake “from” email address.
Your WordPress web server sends email. It alerts the administrator (you) that plugins were updated, that comments need moderation, and so on. Plugins might generate email of their own. By default, your server sends these in the Wild West way.
This email is not spoofed. It really does come from your domain. But because it was sent the old-fashioned way, it can’t show proper ID. Some email systems — more as time goes on — will reject it.
The easiest way to fix this problem is to have your email sent by a proper email server rather than your web server. WP Mail SMTP is the most popular plugin for this. It’s free, everyone likes it, me too. It sets up your website so email it sends is routed through an outside email server, which stamps each message “approved”. You can use your normal email account for this, or create a separate account just for this purpose.
To set up, you need some information about your email service provider’s SMTP server. This typically includes DNS name, port number, and authentication method. You can find this information in the email provider’s instructions for how to set up email clients. If you already have an email client set up to access that account — your phone’s email app, for instance — you can copy details from the email program’s settings. You also must enter your email user login name and password.
You can use a Google email account, but Google’s email is very security conscious. The setup procedure is more complicated.
If you find this website helpful, subscribe for email updates!
Your information will not be shared (except with MailChimp, who manages the subscriber list).
Keeping your email address private
You can specify a different “from” address for your email than the email account you’re logging into to send it. However, recipients can find your real email address in the email headers.
To keep my real email address private, I create a “throwaway” mailbox in my domain, to use as the SMTP login. Set this address up to automatically discard incoming mail and/or automatically reply, referring people to an alternative means of contacting you. Name the account “noreply” or something similar, so nobody will expect email to that address will be read.
Apart from that, it doesn’t matter whether the “real” sender and the “from” line of the email are the same. You might decide to have different “from” addresses for different emails your site generates, some associated with a real mail file, others not.
Microsoft Mail users
This section applies if you’ve contracted with Microsoft for them to provide email service for your domain. So, someone sends email to firstname.lastname@example.org, and you have to login to a Microsoft mail system — Outlook or MSN.com — to read it.
In that situation, the free version of WP Mail SMTP can’t send email via these accounts. Instead, use the plugin Mail Integration for Office 365/Outlook by Edward Cross.
However: if you are in this situation, I’d like you to also consider dropping your Microsoft mail service and using the mail service of your hosting provider, if that’s included as part of the website hosting package. Microsoft is an evil monopolist who allows third party applications access to your email unless you’re really careful about how you set your security settings. In addition, they have faulty spam blocking rules that result in a lot of false positives — legitimate email sent to you gets flagged as spam because it comes from the same mail server that some spammer used. In an environment where web hosting providers use the same set of mail servers for all their clients — including you! — this is not a reasonable test.