UPDATE: This post on SPF records puts my post to shame. I’ve included some answers below.
If your website sends email to you and it ends up in the spam folder, or in gmail you can see “via notmydomain.com”, you’ll need to at least add an SPF record for the domain and set the Return-Path in your emails.
First, make sure the From address is from a domain you own (for example: “firstname.lastname@example.org”). You will need access to your DNS records.
Next, you’ll need to set your SPF record on your domain. The SPF record is a record on your domain that lets mail exchangers know that mail from a specified domain is OK and allowed to send mail. I’m not an expert at this, so I’ll let Google explain this better here: https://support.google.com/a/answer/33786?hl=en
For hosting companies you’ll need to find out where the actual emails are sent from. For WPEngine WordPress installs, use include:mailgun.org. An excerpt from openspf.org:
The other problem is more subtle:
include:networksolutions.comwould include mail servers authorized to send mail from the domain networksolutions.com. This may or may not be the same list of mail servers Network Solutions uses to send mail out using customer domains! Sometimes an ISP will create a special SPF record that customers can include with their record, such as
_spf.example.com. If you want to use an ISP’s mail server(s) you should ask them if they maintain an SPF record for their customers to include, or else you will need to change your record every time your ISP adds, removes, or changes a mail server’s name and/or address.
The Return-Path is another thing you need to set. The Return-Path of each email should match the email’s From address. WordPress (and the popular Contact Form 7 plugin) do not do this for you so I made a plugin to set the Return-Path along with other helpful tweaks.
In some cases, you may need to set your DKIM key on your domain. This further prevents spoofing and helps keep your email out of the spam filter. DKIM adds a digital signature to outgoing messages. More on this here: https://support.google.com/a/answer/174124
You can check the spammyness of your email at https://www.mail-tester.com/