Emails sent to Gmail addresses using the Symantec Email Security.cloud service temporarily fail authentication checks which can cause email delivery to be retried.
The following error is observed:
550-5.7.1 [xx.xx.xx.xx] Our system has detected that this message is
550-5.7.1 likely unsolicited mail. To reduce the amount of spam sent to Gmail,
550-5.7.1 this message has been blocked. Please visit
421-4.7.0 This message does not have authentication information or fails to pass
421-4.7.0 authentication checks. To best protect our users from spam, the
421-4.7.0 message has been blocked. Please visit
421-4.7.0 https://support.google.com/mail/answer/81126#authentication for more
421 4.7.0 information. u9si1678564pge.242 - gsmtp
Delivery attempt failure - transient
Attempted delivery 6E/AB-19374-89FB5695 to xx.xx.xx.xx on Wed Jul 12 06:20:11 2017
Error Message: "421-4.7.0 This message does not have authentication information or fails to pass"
Retries attempt: 0
Time message queued: 3.04 seconds
Gmail uses a security policy which blocks or delays any email coming from domains that do not use domain authentication methods, such as SPF, DMARC, and DKIM.
Symantec recommends that you implement SPF, DMARC, and DKIM in order to avoid any delivery failures or delays to Gmail. These are domain level services, and are implemented at a DNS level. Having these records also provides your domain with additional security which can help prevent spoofing. See Why is DMARC Important?
Note: At a minimum, all domains should include an SPF record.
If you have received this error and already have an SPF record, validate your record as it may be incorrect. A commonly seen error shows multiple TXT records containing SPF records, when specifications allow only one.
The following articles assist in implementing SPF, DMARC and DKIM with Email Security.cloud