Your domain has no SPF record — the setting that tells Gmail and Outlook which servers are allowed to send email using your domain name. Without it, the email you send (replies, invoices, newsletters) is more likely to be quietly filtered into spam, and it's easier for scammers to send mail that looks like it came from you.
On WordPress
WordPress itself doesn't control SPF — it's set at your domain registrar or host's DNS panel. If your host manages your email (e.g. Bluehost, SiteGround), check their knowledge base for the exact SPF value to use, or look in the email/DNS section of your hosting dashboard.
On Shopify
Shopify sends store email through its own servers. If you use a custom domain via a third-party registrar, add the SPF record there. Shopify's help docs list the exact records to add for sender authentication.
Pro tip: You can only have ONE SPF record per domain. If you already have one, add new senders as extra "include:" entries inside it rather than creating a second record — duplicate SPF records cause all of them to be ignored.
SiteSprout scans your site, tells you which issues you actually have in plain English, and keeps watch so nothing breaks silently.
Scan your site free