Make Contact Form 7 DMARC-Compliant

Postage Stamps

In April of this year, Yahoo changed its Domain-based Message Authentication, Reporting and Conformance (DMARC) authentication policy. Suddenly, when a user submitted an email using Contact Form 7–and some other WordPress contact form plugins’ forms–using a Yahoo email address, the messages were permanently rejected by some web hosts.

Yahoo is simply trying to reduce the amount of fraudulent emails by rejecting emails using Yahoo email addresses sent from non-Yahoo servers, but It was a really unpleasant surprise for a lot of web developers. Yahoo’s change means legitimate emails sent by users with Yahoo addresses using Contact Form 7 are getting rejected. Other email providers are going to follow Yahoo in using more-strict authentication rules, so even if you don’t care about email from Yahoo users, it’s worth becoming DMARC-compliant. Fortunately, Contact Form 71 comes with a means for making form submissions DMARC-compliant.All you need to do to be DMARC-compliant is to use an email address from your own domain for the “from” address of your Contact Form 7 forms. To make replying to the form-submitted emails a one-click process, you need to set the “reply-to” header in the email to the user’s real email address. Here’s how:

In the WordPress admin, go Contact -> Contact Forms and click the “Edit” link for the form you want to make DMARC-compliant.

Scroll down to the From text box in the Mail Section.

The default From will look like this:

 [your-name] <[your-email]>

Change that so that “[your-email]” is replaced by a forwarder or email account on your domain:

 [your-name] <>

Next, scroll down to the Additional Headers text area. In it, paste the following code, substituting the tag you used for “[your-email]” if you aren’t using the default:

 Reply-To: [your-email]

Click Save to save your changes.

That’s it, your Contact Form 7 form will now be DMARC-compliant, and your forms should not be rejected.


1At the time of this post, Contact Form 7 was on version 3.8.1. It’s possible the developer will incorporate a slicker method of accomplishing this workaround in a future version.