Thanks for the reply. Is there a way to turn off just the sender validation? Validating the form fields and other configuration is a good thing and it’d be a shame to lose that aspect.
For what it’s worth your FAQ over simplifies things. It should really discuss SPF records and incorporate these checks in the validation. I think it’s quite common for larger companies to have different hosts for their websites as their email. SPF records are essentially a list of servers that are allowed to send email for a particular domain. As long as the host the contact form is running on is included in the SPF records then any mail it generates will not be viewed as spoofed. Also, when used with other plugins such as WP SMTP, the host the site is running on becomes irrelevant.
Happy to have a go at writing a section about SPF records for the FAQ if you would like?
