Emails sent from your website can travel via two different methods: PHP’s built-in mail() function or SMTP. Choosing the wrong method is one of the most common reasons contact form messages and order confirmations end up in spam folders.
This article explains how each method works, the trade-offs between them, and which to use depending on your situation.
How PHP mail() works
PHP’s mail() function is built into the language and available on most shared hosting servers without any configuration. When your site calls it, the server sends the message directly using its own mail transfer agent, with no username or password required.
Because no authentication takes place, the sending address is generated automatically from your server environment. The result is an address that looks something like wordpress@cpanelusername.serverhostname.co.uk rather than a recognisable domain address. Receiving mail servers treat unauthenticated messages with more suspicion, which increases the chance of delivery to a spam folder.
How SMTP works
SMTP (Simple Mail Transfer Protocol) sends email through a dedicated mail account using a verified username and password. Your site connects to a mail server, authenticates, and delivers the message through that account. The sending address is the one you configured, for example no-reply@yourdomain.com.
Because the message is authenticated, receiving servers can verify its origin. This makes SMTP-sent mail significantly more likely to reach the inbox rather than the spam folder.
Comparing the two methods
The table below summarises the key differences to help you decide which method suits your site.
- Setup: PHP
mail()requires no configuration. SMTP requires a mail account and credentials. - Authentication: PHP
mail()sends without credentials. SMTP verifies with a username and password. - Deliverability: PHP
mail()messages are more likely to be flagged as spam. SMTP messages are treated as more trustworthy by receiving servers. - Sending address: PHP
mail()generates a server-based address. SMTP uses the address you configure. - Speed: SMTP delivery is generally faster because messages route through a dedicated mail server.
When to use each method
PHP mail() is acceptable for low-stakes local development or testing environments where deliverability does not matter. For any live site, SMTP is the better choice. This applies to contact forms, order confirmations, password resets and any other message your visitors are expected to receive reliably.
If you run a WordPress site, a plugin such as WP Mail SMTP lets you replace the default mail() function with SMTP credentials from your hosting account or a third-party mail provider. See our guide on fixing WordPress contact form issues for more detail on configuring outgoing mail in WordPress.
Wrapping up
PHP mail() and SMTP send email from your website, but they differ in authentication, deliverability and the address your recipients see. SMTP is the recommended method for any live site where messages reaching the inbox matters.
Once you have set up a mail account, configure your CMS or application to use SMTP credentials. Our guides on creating an email account and setting up a DMARC record will help you get outgoing mail working correctly. You can also review adding an SPF record to further improve deliverability.
Ready to get started?
Launch your website with our reliable cPanel hosting with unlimited bandwidth and expert support.
Get cPanel Hosting