SPF Authentication Email blocked when sending emails to Gmail accounts (Google Workspace)

I have my domain with Google Domains, which has been set up with the Netlify Name Servers and is displaying my website as intended. As I have a Google Workspace account, I have also set up my mail records which have been working fine (for the most part). During set up, I added a SPF authentication record, as suggested by Google.

The issue I’m encountering is that when I send an email from my custom domain to a Gmail hosted address, my message is blocked with the following error:

550 5.7.26 This mail is unauthenticated, which poses a security risk to the sender and Gmail users, and has been blocked. The sender must authenticate with at least one of SPF or DKIM. For this message, DKIM checks did not pass and SPF check for [[jnstn.io](http://jnstn.io/)] did not pass with ip: []. The sender should visit https://support.google.com/mail/answer/81126#authentication for instructions on setting up authentication. k5-20020adfb345000000b003110d6bc9e1sor304228wrd.10 - gsmtp

I’ve gone through Google’s documentation and the Netlify Forums to try to resolve the issue, but the recommended solution seems to be to add the SPF authentication record (which has already been added).

Any help would be most welcome.

Domain / Netlify Site Name: jnstn.io
Netlify Site ID: b88a567f-5398-448d-aed3-7a1c4b62d7e5

Hi there,

As far as I can tell, this is your SPF record:

 % host -t txt jnstn.io
jnstn.io descriptive text "v=spf1 include:_spf.google.com ~all"

…However, it seems to only authorize Google’s netblocks, according to this lookup tool:

…which would not map to any location you could use Netlify to send mail from (since our dynamic workloads such as your functions do not run in Google’s cloud).

So - just to clarify - are you sending from a netlify function, or is this just “when I send from my normal mail client” ?

I’m using Apple Mail as my client, and I think I have solved the issue now.
It was interesting that using that I was only getting bounce back when sending emails to @gmail.com addresses.

It seems that the issue was an incorrectly set DKIM record.
Now that the record has been updated to the correct Name and Value provided by Google Domains (TXT record), everything seems to be working.

Thank you for your help.