I just set up my first two wordpress blogs this past weekend, and I've noticed something in the way the Contact Form 7 and WordPress in general sends mail out over SMTP (I've installed the Configure SMTP plugin to get the server to do so).
Apparently, the message headers are inconsistant with the generally accepted methods used by the major sites for sending automatically generated email or form2mail messages like the ones created by Contact Form 7, and it's causing issues with my spam filters.
One would normally expect a message coming from a form to have a From: address of the person submitting the form. Unfortunately, due to SPF, this triggers spam filters as the web server is almost never going to be listed as an authorized sender for the visitor's domain. The trick to getting around this is obviously to use Configure SMTP to force the From address to be the web-server. That's all well and good, but then the visitor's email address just gets plastered into the message body, which is daft.
The proper way to implement this would be to use the Sender, From, and Reply-To fields in the message header.
Sender: is some address where automated bounce messages can go. This is actually optional, but should be configurable from the Configure SMTP plugin.
From: should be some sort of noreply address identifying the server. For example: firstname.lastname@example.org. This could be configured as it is now in the Configure SMTP plugin.
Reply-To: should be the visitor's name and e-mail address as provided in the Contact Form (or whatever other plugin it might be coming from).
Proper use of the Reply-To field would elegantly eliminate the spam blocker problem without the ugly hack of putting it in the message body.
I will attempt to work on this in my spare time and perhaps submit a patch (although since I've only been using wordpress for 3 days, I'm not yet sure where to do that), but if some real wordpress developers were to pick up on this, and include it, it'd be great.