A Complete Guide to WordPress Email Settings for Beginners

Your WordPress site is sending emails right now that never reach anyone’s inbox. Password resets, WooCommerce order confirmations, contact form notifications, all quietly disappearing because the default PHP mail function has no authentication.

WordPress email settings don’t exist as a single configuration page. The options are scattered across multiple screens, and out of the box, most shared hosting servers do a poor job delivering messages. Nearly 1 in 6 emails never reaches the intended recipient, according to EmailToolTester data.

This guide covers how to configure SMTP, choose the right plugin and transactional email provider, set up SPF, DKIM, and DMARC records, troubleshoot delivery failures, and handle sending limits. Whether you’re running a small blog or a WooCommerce store, you’ll walk away with a working email setup.

What Are WordPress Email Settings

WordPress handles outgoing email through the PHP wpmail() function. That function relies on your web server’s built-in mail() capability, and it’s been a source of headaches since the early days of the platform.

The problem? PHP mail sends messages without any authentication. No cryptographic proof. No verification that the email actually came from your domain. Receiving servers like Gmail, Yahoo, and Outlook have zero reason to trust it.

According to W3Techs, WordPress powers roughly 43% of all websites globally. That’s hundreds of millions of sites sending password resets, order confirmations, comment notifications, and form submissions through a system that was never built for reliable email delivery.

WordPress doesn’t ship with a dedicated email configuration screen in the admin dashboard. There’s no “Email Settings” tab sitting in your sidebar. Your site just quietly uses whatever your hosting server provides, and most of the time, that means PHP mail with all its limitations.

The types of emails your WordPress site sends break into two categories:

• Transactional emails: password resets, user registration confirmations, WooCommerce order receipts, contact form submissions, and comment notifications
• Marketing emails: newsletters, promotional campaigns, and subscription form confirmations sent through external platforms

Transactional emails have open rates between 40-50% on average, according to Innertrends data. That’s significantly higher than marketing emails. When those messages fail to deliver, your users notice immediately.

EmailToolTester testing across 15 major email platforms found that the average deliverability rate sits at just 83.1%. Nearly 1 in 6 emails never reaches the intended inbox. For WordPress sites still running default PHP mail with no SMTP configuration, that number is far worse.

Where to Find Email Settings in WordPress

There’s no single “email settings” page in the WordPress admin. The options are scattered across multiple screens, which confuses a lot of people the first time around.

Admin Email vs. Site Email Address

Head to Settings > General and you’ll find two fields that matter here.

The “Administration Email Address” receives all system notifications. Think plugin update alerts, comment moderation notices, and security warnings. This is the address WordPress contacts when something needs your attention.

Changing this address triggers a confirmation email to the new address. If your site’s email delivery is already broken (and you haven’t set up SMTP yet), that confirmation email might never arrive. Took me a while to figure this one out on a client project. You end up stuck in a loop where you can’t confirm the new address because the tool you need to fix is the same one that’s broken.

Your user profile email, found under Users > Profile, is separate from the site admin email. One controls where site notifications go. The other is tied to your user account for login and personal notifications.

WooCommerce Email Configuration Panel

If you’re running an online store, WooCommerce adds its own email settings at WooCommerce > Settings > Emails.

This panel controls order confirmation emails, shipping notifications, refund receipts, and new account welcome messages. Each email type has its own toggle, template, and recipient settings. WooCommerce powers roughly a quarter of all ecommerce sites worldwide, so this panel gets a lot of traffic.

The “From” name and “From” address fields here override WordPress defaults for store-related emails. Set these to match your actual domain. A mismatch between the “From” address and your server’s domain is one of the fastest ways to trigger spam filters.

Comment and Discussion Email Preferences

Settings > Discussion controls comment notification behavior. You can toggle whether WordPress emails you when someone posts a comment, or when a comment is held for moderation.

These are low-priority compared to transactional emails, but they still flow through the same wpmail() function. If your email setup is broken, you won’t get comment alerts either.

Why WordPress Emails Go to Spam or Fail to Send

The default PHP mail() function sends emails without SMTP authentication. That’s the root cause behind almost every delivery failure on WordPress sites.

Receiving servers have gotten aggressive about filtering unauthenticated messages. Gmail began requiring some form of authentication back in 2022, and Mailgun data shows that change alone led to a 75% drop in unauthenticated messages reaching Gmail inboxes.

Here’s what’s actually happening when your emails disappear:

No SPF, DKIM, or DMARC records: Without these DNS records, there’s no way for a receiving server to confirm your domain authorized the email. Gmail, Yahoo, and Microsoft now require SPF and DKIM authentication. As of February 2024, Google and Yahoo enforce this for bulk senders, and Microsoft joined with similar rules in early 2025.

Shared hosting IP blacklists: Shared hosting means your site shares an IP address with dozens (sometimes hundreds) of other sites. If one of those sites sends spam, the entire IP gets blacklisted. Your perfectly legitimate password reset email gets caught in the crossfire. MXToolbox can check whether your IP sits on any blocklists.

“From” address mismatches: When WordPress sends an email using a “From” address like [email protected] but the actual sending server is your host’s shared mail server, SPF checks will fail. The “From” domain and the sending domain need to align.

Validity’s 2025 Email Deliverability Benchmark Report found that global spam placement rates nearly doubled between Q1 and Q4 of 2024. The inbox is getting harder to reach, not easier.

GlockApps data from Q1 2025 shows that average inbox delivery rates dropped across all major providers compared to Q1 2024. The biggest declines hit Office 365 (down 26.73%), Outlook (down 22.56%), and Google Workspace (down 10.49%).

One company tracked by Stripo.email failed to set up DMARC, SPF, and DKIM before the February 2024 deadline. Their open rates collapsed to 1-4%. After implementing authentication, they recovered to around 30% within two weeks. That’s a stark example of what happens when you ignore email authentication on your WordPress site.

How to Set Up SMTP in WordPress

SMTP (Simple Mail Transfer Protocol) fixes the core problem by adding authentication to your outgoing emails. Instead of PHP quietly dropping messages into the void, SMTP connects your WordPress site to a proper mail server with credentials, encryption, and verification.

The general setup process works the same regardless of which plugin or provider you pick:

• Install an SMTP plugin (WP Mail SMTP, FluentSMTP, Post SMTP, or others)
• Enter your SMTP host address, port number, username, and password
• Choose your encryption method (TLS or SSL)
• Set the “From” email to an address on your domain
• Send a test email and check the debug log

WP Mail SMTP data suggests that properly authenticated emails reach a 96.4% deliverability rate compared to just 64% without authentication. That gap alone should be enough to convince anyone.

SMTP Ports and Encryption Types

You’ll see three port numbers come up repeatedly during configuration:

Port 587 with TLS encryption is the standard choice. Most transactional email providers and hosting companies support it without issues. Port 25 is frequently blocked on shared hosting to prevent spam abuse, so don’t bother trying it unless your host specifically tells you otherwise.

Storing Credentials Outside the Database

Most SMTP plugins save your username and password in the WordPress database by default. That’s convenient, but it creates a security risk if your database is ever compromised.

A better approach: define your SMTP credentials as constants in your wp-config.php file. WP Mail SMTP and several other plugins support this. Your credentials stay in the file system rather than the database, and they won’t appear in the WordPress admin interface where other administrators could see them.

This matters more than you’d think, especially on sites with multiple admin users or if you’re managing client sites. Keep those passwords out of the database.

Best WordPress SMTP Plugins

The plugin you choose determines how your WordPress site connects to an SMTP server or transactional email provider. Each one takes a slightly different approach, and the “best” pick depends on what you actually need.

WP Mail SMTP by WPForms

This is the most popular option by a wide margin. Over 4 million active installations on WordPress.org, with more than 4,000 five-star reviews.

It supports a long list of mailers: SendLayer, SMTP.com, Brevo, Gmail API, Outlook, Amazon SES, Mailgun, Postmark, SendGrid, SMTP2GO, and more. The free version covers SMTP configuration and test emails. The Pro version adds email logging, delivery reports, open and click tracking, backup connections, and smart conditional routing.

Setup uses a wizard that walks you through provider selection and credential entry. It’s genuinely hard to mess up if you follow the prompts.

FluentSMTP

Free with no premium upsell. That’s the headline feature. FluentSMTP runs as a lightweight single-page application inside your WordPress admin, so it doesn’t add bloat to your site.

It supports multiple simultaneous connections, which means you can route different types of emails through different providers. Email logging is included out of the box. No paid tier exists, and the developers have made a “free forever” commitment.

The tradeoff? No backup connection failover, and the interface is more bare-bones than WP Mail SMTP. But for a free plugin with zero strings attached, it’s hard to argue with the value.

Post SMTP Mailer/Email Log

Over 400,000 active installations and a remarkably low ratio of negative reviews. Post SMTP includes email logging without requiring a premium upgrade, which is a real advantage over WP Mail SMTP Lite.

It also supports fallback SMTP, meaning if your primary provider fails, it’ll attempt delivery through a secondary connection. Connectivity testing is built in, and the debug output is detailed enough to actually diagnose problems.

Plugin Comparison at a Glance

Which Plugin Works Best for WooCommerce Stores

WooCommerce stores send a higher volume of transactional emails than most WordPress sites. Order confirmations, shipping updates, refund notifications, and new account emails all need to arrive without delay.

WP Mail SMTP Pro is the safest bet here. The backup connection feature means that if your primary email provider goes down during a sale, your order confirmations still go out through the secondary provider. That’s not a nice-to-have for a store doing real volume. It’s a requirement.

FluentSMTP’s multi-connection support works for this too, but the lack of automatic failover means you’d need to manually switch if something breaks. During a Black Friday rush, that’s not ideal.

Transactional Email Providers That Work With WordPress

Your SMTP plugin is just the connector. The actual email delivery happens through a transactional email service. These providers maintain clean IP reputations, handle authentication automatically, and give you deliverability rates that shared hosting can’t match.

SendGrid

Free tier: 100 emails per day.

SendGrid offers both API and SMTP relay options for WordPress integration. It’s owned by Twilio, which gives it solid infrastructure backing. The free tier is enough for low-traffic sites, but you’ll hit that 100-email ceiling fast if you run any kind of lead generation forms or ecommerce. Paid plans scale based on volume.

Mailgun

Mailgun operates on a pay-as-you-go model after a trial period. It’s built for developers and has strong deliverability reputation. The Sinch Mailgun team published detailed benchmark data for 2024 showing deliverability trends across industries and regions.

Mailgun’s GlockApps data did show a 27.5% drop in inbox deliverability from Q1 2024 to Q1 2025, though. That’s the largest decline among the email service providers tracked. Worth monitoring if you’re relying on them.

Amazon SES

Cheapest at scale. Amazon Simple Email Service charges fractions of a cent per email, which makes it the go-to for high-volume WordPress sites. The catch is that setup requires an AWS account, IAM credentials, and more DNS configuration than other providers.

If you’re comfortable with AWS, the cost savings are significant. If “IAM role” makes you nervous, look at Brevo or SendGrid instead.

Brevo (Formerly Sendinblue)

Free tier: 300 emails per day. Brevo’s WordPress plugin handles SMTP configuration and also includes sign up forms and basic email marketing tools. That dual purpose makes it popular with smaller sites that want both transactional delivery and subscriber management in one place.

Postmark

Postmark focuses exclusively on transactional email. No marketing campaigns, no newsletters, just fast delivery for the messages your users are waiting for. They also offer a free DMARC monitoring tool that’s genuinely useful for tracking your domain’s email authentication status.

When Your Host’s SMTP Is Enough

Some managed WordPress hosts include SMTP configurations that work reasonably well for low-volume sites. If you’re running a small blog with a contact us page and occasional comment notifications, your host’s built-in email might be fine.

But if you’re sending WooCommerce order emails, running WordPress registration forms, or collecting leads through WordPress forms, a dedicated transactional email provider is worth the setup time. The deliverability difference is measurable, and your users will notice when their password reset emails actually arrive.

DNS Records for WordPress Email Delivery

Your SMTP plugin handles the connection. DNS records handle the trust. Without proper SPF, DKIM, and DMARC configuration at the domain level, receiving mail servers will still flag your WordPress emails as suspicious.

EasyDMARC’s 2025 report shows DMARC adoption among top domains grew from 27.2% to 47.7% between 2023 and 2025. That’s a 75% surge, but it still means more than half of domains lack any DMARC record at all.

How to Add SPF and DKIM Records in Popular DNS Hosts

SPF (Sender Policy Framework): A TXT record in your DNS that lists which servers are allowed to send email on behalf of your domain. When Gmail receives a message claiming to be from you, it checks your SPF record against the sending server’s IP.

DKIM (DomainKeys Identified Mail): A cryptographic signature added to your email headers. The receiving server uses a public key published in your DNS to verify the message wasn’t altered in transit.

Where you add these records depends on where your DNS is managed:

• Cloudflare: DNS tab, add TXT record, paste the value from your email provider
• GoDaddy: DNS Management, add record type TXT
• cPanel: Zone Editor, add the record under your domain

Your transactional email provider (SendGrid, Mailgun, Postmark, Amazon SES) gives you the exact values to paste. Copy them character for character. One typo breaks the whole thing.

Testing Your DNS Configuration

Q2 2025 analysis from Fortra found that only about 18% of the world’s 10 million most-visited domains publish a valid DMARC record, and just 4% enforce a reject policy.

That’s a lot of domains leaving themselves open to spoofing. Don’t be one of them.

DMARC ties SPF and DKIM together by telling receiving servers what to do when checks fail. Start with a p=none policy (monitoring only), then move to p=quarantine or p=reject once you’re confident your legitimate emails pass authentication.

Tools for verifying your records:

• MXToolbox for SPF, DKIM, and DMARC lookups
• Google Admin Toolbox (CheckMX) for Gmail-specific checks
• Mail-tester.com for a quick overall deliverability score

Common mistakes I’ve seen over and over: duplicate SPF records on the same domain (you can only have one), incorrect DKIM selector names, and DMARC records placed on a subdomain instead of the root domain. Any of these will silently break your email authentication, and your WordPress notification emails will land in spam without you knowing why.

Email Logging and Troubleshooting in WordPress

“It’s not working” is the most common email complaint on WordPress sites. Without logging, you’re completely blind to what’s actually happening after your site calls wpmail().

Unspam.email data from 2026 shows that 32% of all emails land in spam across all sender types. Even with SPF and DKIM at 90%+ adoption levels, inbox placement sits at just 65% globally. Authentication alone isn’t enough. You need visibility into what’s going out and what’s failing.

Why Every WordPress Site Needs Email Logging

Without logs, you’re guessing. A customer says they never got their WooCommerce order receipt. A user reports the password reset link never arrived. A form submission from your website disappears into the void.

Email logging records every outgoing message: recipient, subject line, timestamp, sending status, and (in some plugins) whether the email was opened. When something breaks, you can trace it instead of shrugging.

Plugins That Log WordPress Emails

Reading SMTP Debug Output

When a test email fails, most SMTP plugins display debug information. Look, it’s not the prettiest output, but it tells you exactly what went wrong.

Common error messages and what they mean:

• “Could not authenticate” means wrong username, password, or the account needs an app-specific password (Google and Microsoft accounts with two-factor enabled)
• “Connection timed out” typically means your host is blocking the SMTP port, usually port 25 or 587
• “Mismatch in FROM address” means SPF is checking the “From” domain against the sending server and they don’t match

If your error message includes a 550 code, the receiving server actively rejected your email. A 421 or 451 code means temporary failure, and the server might accept a retry. Google these codes with the specific text that follows them, and you’ll almost always find your answer.

WordPress Email Settings for Multisite

Multisite adds a layer of complexity to everything in WordPress, and email is no exception. Each subsite generates its own stream of automated messages, but they all flow through the same delivery channel on the same server.

Network Admin Email vs. Individual Site Emails

The Network Admin email receives network-wide alerts: new site registrations, plugin updates, and security notices. Each subsite has its own admin email configured under Settings > General within that site’s dashboard.

These are separate addresses serving separate purposes. Confusing them, or pointing them all to the same inbox, makes troubleshooting harder than it needs to be.

Configuring SMTP Network-Wide

Both WP Mail SMTP Pro and FluentSMTP support network activation. Install once, activate at the network level, and every subsite inherits the same SMTP configuration.

WP Mail SMTP Pro offers a “global settings” toggle that pushes a single SMTP configuration across all subsites automatically. This avoids per-site setup, which is a real time saver when you’re managing dozens of sites.

FluentSMTP handles this through its multi-connection feature. You can define a single SMTP provider at the network level and let all subsites use it.

Different “From” Addresses for Different Subsites

This is where it gets tricky. If subsite A is store.example.com and subsite B is blog.example.com, you probably want emails from each to use different sender addresses.

WP Mail SMTP Pro lets you disable the “force from email” setting at the network level. Individual Site Admins can then configure their own “From” address. Just make sure each address matches a domain that has valid SPF and DKIM records, or you’ll create new deliverability problems while trying to fix the branding.

Keep in mind that all subsites share one server IP. If one subsite sends spammy content (or gets compromised), the reputation hit affects email delivery across the entire network. Email logging at the network level helps you spot problems on individual sites before they tank delivery for everyone.

Sending Limits and Rate Throttling

Every hosting provider and email service has sending limits. If your WordPress site tries to exceed them, emails get queued, bounced, or silently dropped. Most people don’t discover these limits until something important fails to send.

Shared Hosting Email Limits

The limits vary wildly depending on your host and plan:

GoDaddy’s limit is especially tight for WordPress sites running any kind of form optimization with email notifications. At 250 relays per day on shared hosting, you can burn through that cap fast during a busy period.

Free Tier Limits on Transactional Providers

SendGrid: 100 emails per day on the free plan.

Brevo: 300 emails per day. Enough for most small sites, but a WooCommerce store running a flash sale can blow past that in an hour.

Mailgun: Pay-as-you-go after a trial period. No fixed free tier anymore.

Gmail SMTP, which many WordPress users configure through WP Mail SMTP, caps at 500 emails per day on free accounts and 2,000 per day on Google Workspace. If you’re using Gmail as your SMTP relay and you also send personal emails from that account, those count toward the same limit.

Handling High Volume During Sales and Events

WooCommerce stores face a specific problem during peak traffic. A Black Friday rush can generate hundreds of order confirmation emails, shipping notifications, and form submission confirmation messages in a short window.

WooCommerce uses the Action Scheduler library to queue background tasks, including email sends. This helps spread out email delivery over time instead of trying to blast everything at once. But it only works if your hosting environment supports background processing (most do, but some cheap shared hosts throttle cron jobs).

If your site regularly sends more than a few hundred emails per day, shared hosting SMTP just won’t cut it. Move to a dedicated transactional email provider like SendGrid, Postmark, or Amazon SES. The deliverability is better, the sending limits are higher, and you get actual logging and analytics to track what’s happening with your emails.

For sites collecting leads through website forms for lead generation, missed email notifications mean missed business. One lost intake form submission that never triggers a notification email can cost you a client.

FAQ on WordPress Email Settings

Why is my WordPress site not sending emails?

WordPress uses the PHP mail() function by default, which sends messages without SMTP authentication. Most shared hosting servers don’t configure it properly. Installing an SMTP plugin like WP Mail SMTP or FluentSMTP and connecting to a proper mail server fixes this.

Where are email settings in WordPress?

There’s no single email settings page. The admin email lives under Settings > General. Comment notifications are in Settings > Discussion. WooCommerce stores have a separate panel at WooCommerce > Settings > Emails for order-related messages.

What is the best SMTP plugin for WordPress?

WP Mail SMTP leads with over 4 million active installations. FluentSMTP is the best free option with no premium upsell. Post SMTP includes email logging in its free version. Your choice depends on whether you need backup connections and delivery tracking.

How do I stop WordPress emails from going to spam?

Set up SMTP authentication through a plugin, then add SPF, DKIM, and DMARC records to your domain’s DNS. These records prove to receiving servers like Gmail and Yahoo that your emails are legitimate. Keep your spam complaint rate below 0.3%.

What SMTP port should I use in WordPress?

Use port 587 with TLS encryption as the default. Port 465 with SSL works as a fallback. Port 25 is frequently blocked by hosting providers to prevent spam. Most transactional email services like SendGrid and Mailgun support 587.

Can I use Gmail SMTP with WordPress?

Yes. Configure WP Mail SMTP with the Gmail API option using OAuth authentication. Free Gmail accounts allow 500 emails per day. Google Workspace accounts allow 2,000. Remember that personal emails from the same account count toward your daily limit.

How do I test if WordPress emails are working?

Most SMTP plugins include a test email feature. Send a test to a Gmail, Yahoo, and Outlook address. Check the SMTP debug log if it fails. Mail-tester.com gives you a deliverability score and flags authentication issues with your DNS records.

What is the difference between SMTP and PHP mail in WordPress?

PHP mail sends messages without credentials or encryption through your server’s built-in mail handler. SMTP authenticates with a username and password over an encrypted connection. Authenticated emails achieve significantly higher deliverability rates than unauthenticated PHP mail.

Do I need SPF and DKIM records for WordPress email?

Yes. Since February 2024, Gmail and Yahoo require SPF and DKIM authentication for bulk senders. Even low-volume WordPress sites benefit from these records. Without them, receiving servers have no way to verify your emails aren’t forged spam.

How do I change the “From” email address in WordPress?

Install an SMTP plugin and set the From Email field to an address on your domain. Avoid using generic addresses like [email protected]. Make sure the “From” domain matches the domain authorized in your SPF record to pass authentication checks.

Conclusion

Getting your WordPress email settings right isn’t optional anymore. With Gmail, Yahoo, and now Microsoft enforcing stricter sender authentication requirements, sites still relying on the default PHP wpmail()` function are losing emails every day.

The fix follows a clear path. Install an SMTP plugin, connect it to a transactional email provider like SendGrid, Postmark, or Brevo, and configure your SPF, DKIM, and DMARC DNS records. Turn on email logging so you can actually see what’s going out and what’s failing.

Test your setup monthly. Check your sender reputation through Google Postmaster Tools. Monitor your bounce rate and spam complaint rate to stay below that 0.3% threshold.

If you’re running a WooCommerce store or collecting submissions through web forms, reliable email delivery directly affects your revenue. Don’t leave it to chance. Set it up once, verify it works, and your WordPress site will handle the rest.