Fix Magento 2 Emails Not Sending or Going to Spam

Are Emails From Your Store Reaching Customers?

Every lost email represents a potential abandoned order, a dissatisfied customer, and lost revenue.
If buyers aren't receiving order confirmations or users aren't getting password reset emails, your e-commerce store is losing both trust and sales.

The issue often lies in technical configurations: Magento uses an unreliable default email sending method, while missing SPF/DKIM/DMARC records and poor IP reputation send emails straight to spam.

In this article, we'll explore why emails may not be delivered and what you need to do to ensure they land in the inbox rather than the spam folder. We'll also discuss how to:

• Configure SMTP properly
• Verify DNS records
• Optimize email content

A locally installed MTA without proper configuration

By default, Magento 2 uses PHP’s mail() function for email delivery, which relies on the server’s local Mail Transfer Agent (MTA) — such as Sendmail.

Magento assumes that an MTA is already installed and configured on the server.

In reality, this is often not the case, leading to critical issues: 

1. No MTA = No Emails
   If a mail transfer agent is missing, emails cannot be physically sent. Magento may not display explicit errors, but customers will never receive emails.
2. High Spam Risk Even with MTA
   Without SPF, DKIM, and DMARC configurations, emails will likely be marked as spam or rejected by providers like Gmail and Outlook.
3. No Logging or Tracking
   PHP mail() provides no delivery status, error reports, or blocking details, making troubleshooting extremely difficult.
4. Hosting Provider Restrictions
   Many shared hosting services block outgoing mail() traffic or impose strict sending limits.

Best Solution: SMTP Email Delivery

The most reliable way to ensure email delivery from Magento 2 is by using an external SMTP service. This connects your store to professional email providers that guarantee:

• High deliverability (lower spam risk thanks to trusted IP addresses)
• SSL/TLS authentication (login/password or API key)
• Detailed sending logs and error tracking
• Automatic retries for failed attempts

Magento 2 Extensions

While Magento doesn't support SMTP out-of-the-box, these trusted extensions add this functionality:

• Mageplaza SMTP (free) - Basic configuration, logging, and testing (User Guide)
• More extensions available in Magento Marketplace

SMTP Service Options

We successfully use Brevo, but other professional SMTP services can also be considered for larger email volumes.

Required DNS records: SPF, DKIM and DMARC

Email providers use DNS records to verify sender authenticity and protect users from spam and phishing. 

SPF, DKIM, and DMARC are three critical email authentication mechanisms that verify an email was genuinely sent from your domain and not forged.

What do these DNS records do?

1. SPF (Sender Policy Framework)
   Specifies which IP addresses or servers are authorized to send emails on behalf of your domain.
   Helps filter out fraudulent emails.
2. DKIM (DomainKeys Identified Mail)
   Adds a digital signature to each email, allowing the recipient to verify that the message wasn't altered in transit and indeed came from your server.
3. DMARC (Domain-based Message Authentication, Reporting and Conformance)
   Combines SPF and DKIM by establishing policies for handling unauthenticated emails (e.g., reject or mark as spam). Can also send reports about attempted email spoofing of your domain.

If these records are missing or misconfigured:

• Email services will treat your messages as untrustworthy
• Risk of being marked as spam or blocked increases significantly
• Delivery may fail completely, especially to corporate domains

Example DNS records:

SPF (TXT record):

1v=spf1 include:sendgrid.net include:_spf.google.com ~all
Copy

Where:

• v=spf1 - SPF record version
• include: - authorized SMTP services
• ~all - softfail policy: emails from unauthorized servers may be accepted but marked as untrusted

DKIM (CNAME/TXT):

1default._domainkey.yourdomain.com IN TXT "v=DKIM1; k=rsa; p=YourPublicKeyHere"
Copy

Where:

• default._domainkey.yourdomain.com - record name
• IN TXT - record type
• v=DKIM1 - DKIM version (always DKIM1)
• k=rsa - encryption algorithm (typically RSA)
• p=YourPublicKeyHere - public key for email signature verification

DMARC (TXT record for _dmarc.yourdomain.com):

1v=DMARC1; p=none; rua=mailto:reports@yourdomain.com; ruf=mailto:alerts@yourdomain.com
Copy

Where:

• v=DMARC1 - version (always DMARC1) 
• p=none - monitoring mode (no action on failures)
• rua - address for aggregate reports (daily XML summaries)
• ruf - address for forensic reports (detailed failure alerts)

Where to get SPF/DKIM/DMARC values?

SPF: Created by you based on the SMTP services you use.

DKIM: Automatically generated by your SMTP provider in the control panel. (Exception: If you run your own mail server, you’ll need to generate the key manually using OpenSSL.)

DMARC: Configured manually by you (policy: p=none, quarantine, or reject + report email address).

How to add SPF, DKIM and DMARC to DNS

To add SPF, DKIM, and DMARC records to your DNS, log in to your domain management panel provided by your hosting provider or registrar, navigate to the DNS records section, and manually create the appropriate TXT records using the data provided by your SMTP service.

DNS changes do not take effect immediately — they usually propagate within 5 minutes to 24 hours.

How to check DNS records?

To verify the presence and correctness of SPF, DKIM, and DMARC records for your domain, you can use the following services:

• MX Lookup
• DMARC Domain Checker

How to make sure customers are receiving your emails?

The most convenient way to ensure that your emails reach customers and don’t end up in spam is to use specialized email testing services. These tools analyze both the technical setup and the content of your messages to identify hidden issues.

What do these services check?

1. The presence and correctness of DNS records: SPF, DKIM, and DMARC. Missing or incorrect records are a common reason for delivery failures.
2. Email content for spam triggers, such as missing text (only images), and required elements like an unsubscribe link.
3. IP and domain reputation, including listings in spam blacklists.
4. Sender authentication, such as matching the sending domain in the headers with SPF/DKIM records.

Here are some of the most popular services for this:

• Mail-Tester
• Glock Apps