Most small business websites are set up once and never touched again. The contact form works on launch day — then the hosting email breaks, the SMTP password expires, someone changes the inbox address, or the messages quietly start landing in spam. Nobody notices because nobody tested it.
The worst part? Your visitors have no idea either. They see a success message, assume you'll reply, and wait. You never do. They move on to a competitor.
1. Emails going straight to spam. Gmail, Outlook, and most business inboxes are aggressive about spam filtering. If your form sends from a generic hosting address like noreply@yourdomain.com with no proper authentication set up (SPF, DKIM records), your emails are almost certainly being junked.
2. Wrong email address configured. Whoever built the site put their own email in as the recipient. They left. Nobody updated it. The leads are going to a dead inbox.
3. Expired or revoked SMTP credentials. If your form uses SMTP to send emails — common with WordPress or custom forms — those credentials can expire. The form still shows a success message on the frontend even when the send fails in the background.
4. PHP mail() disabled by the host. Many shared hosting providers quietly disable the built-in mail function for spam reasons. Your form submits, the backend tries to call mail(), it silently fails, the user sees success anyway.
5. The form was never connected to anything. This sounds embarrassing but it happens constantly, especially with website builders. Someone dragged a form onto the page and hit publish. The submit button does nothing — it just reloads the page with a fake success state. There's no backend behind it at all.
Open your website on your phone — not logged in, not as the admin. Fill in your contact form using a personal email address you actually check. Submit it.
Now wait 5 minutes. Did the email arrive?
Check spam. Check every inbox associated with your domain. If nothing appears, your form is broken.
While you're at it: is there an actual email address on your website somewhere that visitors can click and use directly? If your form is broken, that's the fallback they'll never know to look for.
A reliable contact form in 2026 should:
- Send emails via an authenticated SMTP relay (Gmail, Mailgun, Resend) — not a generic hosting mail function - Have the sender domain properly authenticated with SPF and DKIM records so emails don't get junked - Log submissions somewhere (a database, a spreadsheet, a Slack notification) so you have a backup even if the email fails - Send a confirmation email back to the person who submitted, so they know it worked - Show a real error message if something goes wrong — not a fake success state
If yours doesn't do these things, leads are leaking.
If you're technical, fix the SMTP config and check your DNS records. If you're not, you have two options: pay your original developer to fix it, or get a fresh set of eyes on it.
I offer a free site audit that covers the contact form, mobile responsiveness, page speed, and SSL. Takes me about 20 minutes and I'll tell you exactly what's broken and what it would cost to fix. No obligation.
Ready to take action?