FAQ about configuration validator

Contact Form 7 4.4 has introduced the configuration validator. The following are answers to the frequently asked questions about the validator.

This validator thing sucks. Why did you introduce it?

Mail service providers apply stricter rules year by year to protect users from mail abuses like spam and spoofing. In the meantime, we have seen an increasing number of troubling reports about email delivery, and found that there are incorrectly configured contact forms behind that.

Responding to this situation, we introduced the configuration validator, which will help users find their invalid configurations and maximize the rate of successful mail delivery.

My contact forms have been working fine. So I don’t need to validate them, right?

Are you absolutely sure your forms are working? Don’t you think you might just not notice misconfiguration, and you actually have lost messages due to that? I strongly recommend doing a validation even if you don’t see any problems at this time.

What will happen after running a validation?

Nothing happens other than adding warning messages to incorrect fields in the contact form editor screen. Only logged-in users who are allowed to edit contact forms will see those messages.

Does the validation affect behavior of a contact form? If it detects configuration errors, will the contact form stop working?

No. The validation doesn’t affect behavior of a contact form at all, even if it detects configuration errors.

My contact form works regardless of configuration errors. Is it the validator’s bug?

No. Whether a contact form works depends largely on the environment (your host, relaying mail servers, mailer application, etc.). It’s no surprise even if the same contact form doesn’t work in a different environment. How do you know that your host won’t change their mail delivery policy tomorrow morning?

If you receive errors, you should assume there are hidden risks, even if you saw a form submission test once passed. They might come up in the future.

How can I resolve configuration errors?

See How to resolve configuration errors.

Why does the email address in the From field have to belong to the site domain?

For example, if a mail had “your-name@yahoo.com” in the From field, but was actually sent from your web server (it’s not yahoo.com), it would be highly possible that relaying mail servers consider it as a spoofed address. If you use an email address in the same domain as the site, you can reduce the risk of being treated like that.

But if the From field is not the form submitter’s address, I can’t reply to the submitter.

You can still reply to the submitter by setting the Reply-To mail header field. When “your-email” is the field name that the submitter inputs their email address, you put the following line to the Additional headers field:

Reply-To: [your-email]

Then, the reply mail will head to [your-email] (the submitter’s address).

I’m sure my configuration is correct, but I got errors. I feel the validation result makes no sense. Can I ignore the errors?

It’s fine to ignore errors if you understand what the errors mean and can manage the risk that the (mis)configuration possibly causes.

How does the validator work? What does it test?

The configuration validator does a syntactic check only, and it doesn’t practically send mail for testing email delivery. The validation process completes locally; any other services on Internet don’t get involved in this process.

When does a validation run?

It runs every time you save a contact form.

I understand the importance of validating configuration, but I have compelling reasons to avoid it. Is it possible to disable the configuration validator?

You can disable the configuration validator by adding:


to your wp-config.php, or adding:

add_filter( 'wpcf7_validate_configuration', '__return_false' );

to your theme’s functions.php.

Just another contact form plugin for WordPress. Simple but flexible.