WP Mail SMTP Setup Guide for WordPress
WordPress uses the PHP mail() function by default to send emails -- password resets, contact form submissions, order confirmations, comment notifications. The problem is that mail() sends from the web server's local MTA with no authentication, no DKIM signing, and often from an IP address with poor reputation. The result: emails land in spam or never arrive at all.
WP Mail SMTP is the most widely used plugin to solve this. It overrides WordPress's default mail function and routes all outgoing email through an authenticated SMTP server. This guide covers installation, configuration, and verification.
Why WordPress Email Fails Without SMTP
When WordPress sends email via mail(), the following problems are common:
- No SPF alignment. The sending IP (your web server) is not listed in your domain's SPF record.
- No DKIM signature. The local MTA does not sign messages with your domain's DKIM key.
- Poor IP reputation. Shared hosting IPs are frequently blacklisted because other sites on the same server send spam.
- Misconfigured or absent MTA. Some hosting environments do not have a properly configured Postfix or Sendmail installation.
Routing email through an authenticated SMTP server solves all of these issues by sending from infrastructure that is properly configured and has managed reputation.
Step 1: Install WP Mail SMTP
- In your WordPress dashboard, go to Plugins > Add New.
- Search for "WP Mail SMTP".
- Install and activate the plugin by WPForms.
- The setup wizard launches automatically after activation.
Step 2: Choose a Mailer
WP Mail SMTP supports several mailers:
| Mailer | Best For |
|---|---|
| Other SMTP | Any SMTP server (Gmail, Office 365, custom) |
| SendLayer | Dedicated transactional email |
| SMTP.com | High-volume transactional email |
| Brevo (Sendinblue) | Marketing + transactional |
| Amazon SES | High-volume, low-cost sending |
| Google Workspace / Gmail | Google-hosted email |
| Outlook / Microsoft 365 | Microsoft-hosted email |
| Mailgun | Transactional email |
| SendGrid | Transactional + marketing email |
| Postmark | Transactional email |
For most users, "Other SMTP" with Gmail or Microsoft 365 credentials is the simplest approach. For production sites with significant email volume, a dedicated transactional service (SendGrid, Postmark, Amazon SES) is recommended.
Step 3: Configure SMTP Settings
Navigate to WP Mail SMTP > Settings in the WordPress dashboard.
From Email and Name
- From Email: Set this to an address at your domain (e.g.,
[email protected]). Check "Force From Email" to override any other plugin's from address. - From Name: Your site name or brand. Check "Force From Name" if needed.
SMTP Configuration (Other SMTP)
| Field | Value |
|---|---|
| SMTP Host | Your SMTP server (e.g., smtp.gmail.com, smtp.office365.com) |
| Encryption | TLS (recommended) |
| SMTP Port | 587 (for TLS) or 465 (for SSL) |
| Authentication | On |
| SMTP Username | Your email address |
| SMTP Password | App Password or account password |
For Gmail, use an App Password (not your regular Google password) since Google requires 2FA and has deprecated "Less Secure Apps." For Microsoft 365, ensure SMTP AUTH is enabled for the user account in the admin center.
Step 4: Send a Test Email
Go to WP Mail SMTP > Tools > Email Test. Enter a recipient address and send a test. The plugin reports success or failure with diagnostic details.
If the test succeeds, check the received email:
- Did it land in the inbox or spam folder?
- Inspect the email headers to verify SPF and DKIM pass.
If the test fails, common causes include:
- Wrong credentials: Double-check username and password. For Gmail, ensure you are using an App Password.
- Port blocked: Your hosting provider may block port 587 or 465. Contact them or switch to a mailer that uses an API instead of SMTP (SendGrid, Mailgun, Amazon SES).
- Authentication disabled: For Microsoft 365, SMTP AUTH must be explicitly enabled per user.
Step 5: Verify DNS Records
Sending through SMTP fixes the transport, but your domain's DNS still needs proper authentication records.
SPF: Your SPF record must include the SMTP server you are sending through.
- Gmail:
include:_spf.google.com - Microsoft 365:
include:spf.protection.outlook.com - SendGrid:
include:sendgrid.net
Verify with the InboxTooling SPF Check.
MX records: Confirm your domain's MX records are correct for receiving mail with the InboxTooling MX Lookup.
Full diagnostic: Run the InboxTooling Full Report to check MX, SPF, DKIM, and DMARC in one pass.
Advanced Configuration
Logging
Enable email logging under WP Mail SMTP > Settings > Email Log (requires the Pro version or a separate logging plugin). Logs help diagnose delivery issues by recording every email WordPress sends, its status, and any errors.
Backup Connection
The Pro version supports a backup SMTP connection that activates if the primary fails. For critical sites (e-commerce, SaaS), this prevents lost transactional emails during outages.
Constants in wp-config.php
For security, you can define SMTP credentials as constants in wp-config.php rather than storing them in the database:
define( 'WPMS_ON', true );
define( 'WPMS_SMTP_HOST', 'smtp.gmail.com' );
define( 'WPMS_SMTP_PORT', 587 );
define( 'WPMS_SSL', 'tls' );
define( 'WPMS_SMTP_AUTH', true );
define( 'WPMS_SMTP_USER', '[email protected]' );
define( 'WPMS_SMTP_PASS', 'your-app-password' );
This prevents credentials from being exposed if the database is compromised or exported.
Summary
WP Mail SMTP is a straightforward fix for WordPress's unreliable default email handling. Install the plugin, configure it to use a proper SMTP server with authentication, verify your DNS records, and test. The result is reliable email delivery with proper authentication -- which means your messages reach inboxes instead of spam folders.
Stay on top of your email infrastructure. Sign up for the InboxTooling newsletter for deliverability tips, tool updates, and best practices.