DMARC and Contact Form 7

This page is showing a generic answer.
To see a more detailed answer customized for you, type your domain name here:

If you use the Contact Form 7 WordPress plugin, and you see undeliverable email messages that mention a “DMARC policy” problem, you need to change how you’ve configured your form.

This problem happens because you’re doing two things:

  • You’re sending your form results to an external email service such as; and
  • You’ve set up your form to send messages that claim to be “From” the address of the person filling out the form, using a “tag” like “[your-email]” in the “From” section, like this:
incorrect Contact Form 7 settings

If the person filling out the form uses an address like “”, your site will send a message that looks like this:

To: <>
From: "Real Name" <>
Subject: Contact form submission from

But that’s a bad idea: doesn’t have anything to do with, so you shouldn’t be sending messages claiming to be from Gmail will think is “forging” a Yahoo address. Many email providers now reject this kind of “forged” mail as “spam” even though they used to accept it.

(While it may be the case that your visitor really owns the address “”, you don’t know if that’s actually true, and you can’t just take someone’s word for it on today’s Internet. And Gmail has no idea at all where you got the address from, or why is trying to send mail that claims it’s from

One way to fix it: Avoid sending mail from addresses you don’t own

The best way to fix this is to send the messages “From” an address at your own domain name. If you have multiple addresses, it doesn’t matter which address you use as long as it ends with at your own domain name.

With Contact Form 7, it should look like this:
Subject:Contact form submission from
Additional headers:Reply-To: [email*]

Here’s a screenshot:

correct Contact Form 7 settings

We’ve simply put an address at your domain name in the “From” section, then moved the previous “From” tag to an additional “Reply-To” header. If you do this, the message recipient will still be able to press Reply in their email program to reply to the person who filled out the form.

By the way, using email* in Reply-To: [email*] simply marks the field as “required”. The Contact Form 7 documentation explains more about the field formats.

Another way to fix it: Deliver to a mailbox on our servers

An alternate way to fix this is to stop sending your form email to other mail servers. If you’re sending it to “”, for example, Gmail is the company that’s detecting the “forgery” and rejecting the message.

This problem will never happen if you send the form results to a POP/IMAP/Webmail mailbox on our servers instead of sending them to another company.

So you can simply create a mailbox at your domain name, then change the “To” address in your Contact Form 7 settings to deliver the form results to that mailbox.