WPForms made building the form easy. We make the email part equally easy. No SMTP credentials, no Mailgun account, no DNS work — paste one SecureSMTP API key, flip Email Delivery on, and every WPForms notification leaves through authenticated infrastructure.
Free tier: 100 routed emails / month · works with WPForms Lite and WPForms Pro on PHP 7.4+ · zero credential config.
Last 10 routed WPForms emails
LiveNew contact form submission
to maria@flamingoboutique.com
Survey response · Customer NPS
to sarah@brightleaffarm.com
Payment confirmation · Stripe $89
to admin@harvestmoon.co
Quiz completed · Lead score: 8/10
to kyle@anchorline.co
Quote request · 3-bed deck
to tasha@northwestbuilt.com
Newsletter sign-up confirmed
to jake@gmail.com
The problem
WPForms’ whole pitch is "drag, drop, done — no code". Then the email half breaks and the recommended fix involves five steps in three different vendors’ dashboards. We think that’s the wrong UX.
WPForms shows your entry in the entries dashboard — exclamation mark, ✓ 'entry saved'. But the notification email? Silently dropped at your host's SMTP layer. WPForms did its job. Your host failed. You won't find out for weeks, when a customer asks why nobody replied.
Awesome Motive (WPForms' parent) recommends their own WP Mail SMTP plugin. It works — but it requires (1) picking a mailer, (2) creating a Mailgun/Brevo/SES account, (3) verifying your domain via DNS records, (4) generating an API key, (5) pasting it back into WordPress. For most WPForms users, that's hours of work and three unfamiliar dashboards.
Developers can debug PHP mail. Beginners cannot. When your contact form silently fails for three weeks, you don't get a stack trace — you get angry customers and zero leads. The cost of broken email isn't measured in dollars, it's measured in lost trust.
One plugin. One toggle. Every WPForms notification — and every other email your site sends — now goes through SPF-authenticated, DKIM-signed, DMARC-aligned infrastructure.
Free WordPress plugin v1.21.0, under 200 KB. Upload the zip from /downloads/securessmtp.zip?v=1.21.0 or search "SecureSMTP" in the WP plugin directory. No conflict with WPForms — they handle the form, we handle the email.
In the SecureSMTP dashboard, copy your site API key. Paste it into Settings → QCS Forms in WP-admin. Toggle "Route wp_mail() through SecureSMTP" to ON. That's it — WPForms keeps using its own settings unchanged.
From this moment, every WPForms notification — admin emails, user confirmation emails, conditional notifications, payment receipts, Stripe/Square/Authorize.net order confirmations — leaves through SPF-authenticated, DKIM-signed infrastructure. WPForms' merge tags, conditional logic, and entry-management dashboard work unchanged.
End-to-end WPForms email path
Visitor
Submits WPForms entry
WPForms
Saves entry + builds email
wp_mail()
Native WP API
SecureSMTP plugin
Intercept + sign
Mail Router
Edge — securessmtp.com
SecureSMTP Platform
Quota + audit + log
Resend
IP-warmed, SPF + DKIM
Inbox
Delivered, on time
Fail-safe by design.
If the SecureSMTP platform is ever unavailable, WordPress falls back to its normal mailer automatically. Your WPForms emails are never silently dropped — even during planned maintenance.
WP Mail SMTP is a solid plugin from the same company that makes WPForms. It works. But it makes you do all the heavy lifting yourself — pick a mailer, create an account, verify a domain. We think that’s too much for a beginner-friendly stack.
Option A
Seven steps. Three different dashboards. Most beginners stall at step 4 (DNS verification).
Cost: WP Mail SMTP free tier is limited. Pro starts at $49/yr. Mailer account (Mailgun, Brevo, SES) is a separate vendor with its own pricing.
Option B
Three steps. One dashboard. No third-party mailer account needed.
Cost: free tier 100 emails/mo · paid tiers from $7/mo · zero per-email markup. No third-party mailer account required (DKIM with your own domain optional, no extra cost).
Want to keep WP Mail SMTP? You can — SecureSMTP won’t fight with it on install. We’ll show a one-line notice in WP-admin asking which one should own routing, and you pick. Most users disable WP Mail SMTP once SecureSMTP is on.
We hook at the WordPress wp_mail() layer. That means WPForms has already done its conditional logic, calculation, and entry-saving work before we see the message. The features below are the ones most often asked about.
Per-notification conditional logic ("Send to sales@ only if Budget > $5k") fires exactly as WPForms defines it. We see one wp_mail() call per condition match — and route it.
Up to 30 MB per attachment. The Signature add-on field (which embeds a PNG of the signature) routes intact. The image is delivered with the notification.
WPForms Pro's Survey, Poll, and Quiz add-ons fire normal notification emails on submission. They all route through SecureSMTP. Quiz scores and survey results appear in the notification body the same way they would with the default mailer.
Payment-confirmation and admin-notification emails fire AFTER the payment processor confirms success. wp_mail() is called like normal — SecureSMTP routes the receipt. Payment webhooks themselves are HTTP, orthogonal to email.
WPForms Pro's Form Abandonment add-on emails you when someone starts but doesn't finish a form. That email uses wp_mail() — routes through SecureSMTP. The partial-entry data is preserved in the body.
WPForms' "Email Entry to Customer" feature and the entry-resend button in WP-admin both go through wp_mail() — and through SecureSMTP. The entry HTML format is preserved.
Calculated totals (order subtotal, lead score, BMI, anything) are computed by WPForms before the notification is generated. Output values appear in the notification body exactly as formatted.
Translated notification subjects, bodies, and admin-side notifications all route through SecureSMTP. The notification language matches the form's current language at submission time — same as without SecureSMTP.
These are list-signup integrations — they POST to MailerLite/etc.' API, not through wp_mail(). They keep working unchanged whether SecureSMTP is on or off. SecureSMTP only handles transactional emails (admin notifications, user confirmations).
If WPForms calls wp_mail(), SecureSMTP routes it. That covers all of WPForms Lite, all of WPForms Pro, and every add-on we know of.
Delivering an email is harder than it looks. Each layer below catches a different failure mode — together they're why SecureSMTP-routed WPForms mail lands in the inbox, not the spam folder.
Every email passes the SPF check at the recipient. Your sender domain is listed as authorized in our SPF record, so Gmail, Outlook, Yahoo and Apple Mail see the same answer: this server is allowed to send for SecureSMTP.
Each message is cryptographically signed with a 2048-bit DKIM key before it leaves our infrastructure. Recipients verify the signature against our published DNS record — proving the email wasn't tampered with in transit.
Our SPF and DKIM are aligned to the sending domain, so DMARC policy at the recipient is honored. Bring your own domain via DKIM and you can publish a strict DMARC policy — your WPForms emails still pass.
If SecureSMTP is ever unavailable, WordPress's native mailer takes over automatically. No email is silently dropped. WPForms' entry log keeps recording 'email sent' because the message DID leave the server.
Each customer's site has its own quota window. If a bot brute-forces a contact form and tries to send 10,000 notifications in 5 minutes, we throttle it. Your reputation — and the platform's — is protected.
All five layers ship on every plan — including the free one. Reliability isn’t a paywalled feature.
WP Mail SMTP is from the same company as WPForms (Awesome Motive) and integrates seamlessly. We’re a different approach. Both options beat doing nothing — silent failures cost real leads.
| Feature | WPForms + SecureSMTP | WPForms + WP Mail SMTP | WPForms alone (default) |
|---|---|---|---|
| Setup time | 30 sec | 30–60 min | None — but broken |
| Requires mailer account (Mailgun, SES, etc.) | — | — | |
| Requires DNS verification | Optional (DKIM) | — | |
| Authenticated delivery (SPF + DKIM) | — | ||
| Email log dashboard | Pro only ($49+/yr) | WPForms entries only | |
| AI bot/abuse scan on submissions | — | — | |
| Cross-site dashboard | — | — | |
| Fail-safe fallback to native | — | N/A — IS native | |
| Free tier | 100/mo, all features | Limited | Free |
| Cost (paid) | $7+/mo | $49+/yr + mailer cost | $0 (until it breaks) |
Comparison reflects each vendor’s default behaviour as of 2026-06. WP Mail SMTP and WPForms are both products of Awesome Motive, Inc.
Email-relay quotas below come straight from our plan-limits source-of-truth file — they apply to WPForms, WooCommerce, password resets, every wp_mail() call. No per-email markup, no mailer-vendor account, no surprise overage fees.
Free
$0 /mo
For solo users and side projects.
Email relay
100
routed emails / month
Starter
$7 /mo
For small businesses & creators.
Email relay
2k
routed emails / month
Pro
$19 /mo
For growing teams that care about brand.
Email relay
20k
routed emails / month
Business
$49 /mo
For high-volume teams & multi-brand campaigns.
Email relay
100k
routed emails / month
Every paid plan has a 14-day free trial — no credit card required.
Scenarios that reflect the most common pain points described to us during onboarding.
I am a one-woman boutique. I had no idea my contact form had been broken for two months. After installing SecureSMTP I got an inquiry the same day from a customer who said she'd tried me weeks earlier.
WPForms recommended I install WP Mail SMTP. I tried, but got stuck on the DNS step at my registrar. With SecureSMTP there was no DNS step. The form just started working.
Our quiz lead-magnet was generating zero email notifications for the sales team. Switched to SecureSMTP — first 24 hours we got back-fill of 40 alerts the team had never seen.
These are composite scenarios reflecting common customer pain points described during onboarding, not direct verbatim quotes. Real, attributed testimonials will replace these as customers opt into public attribution after launch.
The eight questions we hear most from WPForms users before flipping Email Delivery on.
SecureSMTP email-delivery pages for other form plugins and the WordPress core.
SecureSMTP SMTP overview
The main email-delivery page
3-min setup guide
Step-by-step install walkthrough
Contact Form 7 SMTP
CF7 + SecureSMTP email delivery
Forminator SMTP
Forminator + SecureSMTP email delivery
Gravity Forms SMTP
Gravity Forms + SecureSMTP email delivery
Elementor Forms SMTP
Elementor Pro Forms + SecureSMTP
Fluent Forms SMTP
Fluent Forms + SecureSMTP email delivery
WooCommerce SMTP
Order receipts + Woo email
WordPress SMTP
WP core + every plugin
AI SMTP / spam-aware mail
Claude-classified outbound mail
SecureSMTP vs WP Mail SMTP
Apples-to-apples comparison
Install SecureSMTP, flip Email Delivery on, get back to making your forms beautiful. 30 seconds, no credit card, no third-party mailer account needed.
Free tier · 100 routed emails / month · all 5 reliability layers · works on WPForms Lite & Pro on PHP 7.4+.