How to Achieve 100% WordPress Email Delivery: Complete Guide to WP Mail SMTP and DNS Records (SPF/DKIM/DMARC)

How to Achieve 100% WordPress Email Delivery: Complete Guide to WP Mail SMTP and DNS Records (SPF/DKIM/DMARC) WordPress
Sponsored

How to Ensure the Security of Emails Sent from WordPress

When running a WordPress site, ensuring the “reliability and security” of emails sent from your system—such as automated replies from contact forms and comment notifications—is crucial. Especially since the **strict update to Google and Yahoo’s “Email Sender Guidelines” in 2024**, emails without proper authentication settings not only fail to deliver but also pose a significant risk of damaging your domain’s reputation.
In this article, instead of relying on external paid systems, we will guide you through the exact steps to utilize the SMTP functionality of your own rental server. We will explain **in an easy-to-understand way for beginners** how to successfully clear the highest standard of security authentication (DKIM and DMARC).

💡 Note for Readers:
The screenshots in this guide are from the Japanese management screens of Core Server and Value Domain. However, the step-by-step numbers, input fields, and plugin settings are identical worldwide. Just follow the red numbers and highlighted areas to complete your setup easily!

Building a 100% Secure Email Delivery Environment with WP Mail SMTP

The definitive solution to make emails sent from WordPress as secure and reliably delivered as possible is to activate the “WP Mail SMTP” plugin, **”configure your server’s SMTP settings, and correctly set up the DKIM and DMARC DNS records on your domain side.”** This might sound difficult for beginners, but you will be absolutely fine if you follow the steps!

In this guide, I will use Core Server, which I personally use, as an example. However, every rental server always provides an official manual. If you would like to see specific explanations with screens tailored to your host, please check your own server’s documentation alongside this guide.

Step 1: Get the “DKIM Setting” Values from Core Server

First, we will retrieve the encrypted text for “DKIM (Public Key),” which acts as the digital signature for your emails, from the Core Server side.

  1. Log in to your Core Server (V2) control panel.
  2. Select 1 “Mail” (メール) from the left menu.
    Core Server Control Panel
  3. Select 2 “DKIM Management” (DKIM管理) and choose the target domain in 3 (Note: **Even if you have created subdomains, you must select the root parent domain**). If nothing is written in the section marked 4, DKIM has not been activated yet. (*If it is already filled in, please skip to Step 6.)
    Core Server Control Panel DKIM Management
  4. Select 5 “Mail Account Settings” (メールアカウント設定). Choose the target domain in 6. Click 7 “Enable DKIM” (DKIMを有効).
    Core Server Mail Account Settings
  5. It is successful if “Success” appears in the bottom right of the screen.
    Success Message
  6. Select 8 “DKIM Management” (DKIM管理). Confirm the target domain in 9. Click 10 the pencil (Edit) icon.
    Core Server DKIM Edit Screen
  7. Copy the text entered in 11 “Name” (名前) and the DKIM record entered in 12 “Value” (値) separately, and save them in a text editor like Notepad. Close this screen by clicking 13.
    Copying DKIM Record Values

Step 2: Add DNS Records for DKIM and DMARC in Value Domain

Next, we will apply the retrieved values to the DNS settings of Value Domain. This time, to ensure robust security, **we will enable both DKIM and DMARC**.

  1. Open 1 “Domain Management” (ドメイン管理) in Value Domain. Confirm the target domain in 2. Open the 3-dot menu on the right edge in 3. Click 4 “DNS Settings” (DNS設定).
    Value Domain Control Panel
  2. Click 5 the pencil (Edit) icon.
    Value Domain DNS Edit Screen
  3. Click 6 “Add Row” (行の追加). Click the “Type” (タイプ) column in 7 and select “TEXT”. Paste the “Name” (名前) you copied in Step 7 of Step 1 into 8. Paste the long “DKIM Record” into 9 “Content” (コンテンツ).
    Adding DKIM Record in Value Domain
  4. Click “Add Row” (行の追加) once more. Following the same procedure, select “TEXT” for Type. Enter “_dmarc” for Name. Enter “v=DMARC1; p=none;” for Content. Click “Save” (保存) in the bottom right.
  5. If the two rows are successfully added like this, you are all set!
    Confirming Added DNS Records

[Supplement] The Meaning of Each Record

  • DKIM (x._domainkey): A security mechanism that applies a digital key (electronic signature) to your email, proving to the receiving side that the message is “authentic and has not been tampered with.”
  • DMARC (_dmarc): An administrative policy rule that dictates how to handle “suspicious spoofed emails” that fail SPF or DKIM authentication. Setting p=none; specifies a safe monitoring mode that means “do not reject emails for now, just monitor them and send reports to the administrator.”

Step 3: Configure “WP Mail SMTP” in Your WordPress Dashboard

Once the server-side preparation is complete, install and activate the “WP Mail SMTP” plugin on your WordPress site.
WP Mail SMTP Plugin in Dashboard
  1. Once activated, open the plugin’s “Settings” in 1.
    WP Mail SMTP Settings Button
  2. If the setup wizard launches in 2, let’s temporarily return to the dashboard.
    WP Mail SMTP Setup Wizard Screen
  3. Select “Other SMTP” from the mailer list in 3.
    Selecting Other SMTP Mailer
  4. Fill in the fields as follows:
    4 SMTP Host: Enter your server’s “Outgoing Mail Server (SMTP Server Name)”.
    5 SMTP Username: Enter the exact “Email Address” you use for your blog.
    6 SMTP Password: Enter the “Password” configured for that email address.
    Click 7 “Save Settings”.
    Configuring Other SMTP Settings

Step 4: Run an Email Test to Verify SPF, DKIM, and DMARC

  1. Click “Tools” from the left menu in 8. Enter your personal Gmail address in 9. Click 10 “Send Email”.
    Sending Test Email
  2. Open the received test email in Gmail and click the 3-dot menu in the upper right corner in 11. Click 12 “Show original”.
    Gmail Show Original Menu Option
  3. Finally, let’s verify if the authentication settings are successful!
    Gmail Email Header with Pass Highlights
    The wall of English text might look overwhelming, but here is a super simple trick.
    Open your browser’s search function (Ctrl + F on Windows, Cmd + F on Mac) and type “pass” into the search box (indicated by the arrow in the bottom left). As shown in the image, if the word “pass” is highlighted and glowing across all three categories (DKIM, SPF, DMARC), it is a 100% perfect success!
    Your blog’s email security is now configured to the safest possible standard worldwide!

    If you still feel uneasy looking at it yourself, copy the highlighted section of the header, paste it into a chat with Gemini, and ask, “Please evaluate this email header.” Your uncertainty will surely turn into absolute confidence!

Why Core Server Users Absolutely Need DKIM and DMARC Authentication Now

Due to the massive updates to email sender guidelines implemented by Google in 2024, major email providers like Gmail now strictly restrict or block emails from domains with insufficient anti-spoofing measures. This is exactly why automated form replies and comment notifications fail to deliver even on personal blogs.

The security gained by configuring these DNS records is not just about making sure your emails arrive. By establishing these rules, servers around the globe can monitor

WordPress
Sponsored
dorami

A huge tech and gadget enthusiast living in Osaka, Japan.
On this blog, I deliver honest, hands-on insights—from deep-dive WordPress theme customizations to thorough verifications of the latest trending wearables.
Enjoy user-first reviews and technical guides with zero sponsor bias!

doramiをフォローする

Comments

Copied title and URL