If Google can't confirm that an email is coming from the person who appears to be sending it, it treats them as non-authenticated email senders and shows a red question mark as their profile picture:
Hovering over the question mark icon displays the following message: “Gmail couldn't verify that [domain] actually sent this message (and not a spammer)”.
This notification helps prevent phishing attacks. Although, sometimes, even legitimate senders may be misidentified as unauthenticated. This happens due to a missing SPF record in the sender domain's DNS zone.
SPF stands for Sender Policy Framework. SPF records are DNS records of TXT type that specify which mail servers can send emails on behalf of a specific domain.
When an email is received, the recipient's mail server checks the SPF record of the sender's domain to verify if the sending server is permitted to send emails for that domain. This helps reduce the likelihood of fraudulent or spam emails being delivered to recipients, enhancing email security and trust.
If your domain is pointed to Hostinger by nameservers, the SPF record for Hostinger Email is added by default. To double-check it, follow these steps:
Navigate to the Domains section
Click on Manage next to the domain name in question
Go to the DNS / Nameservers section and search for SPF
If your domain is pointed elsewhere by nameservers, the SPF record needs to be set up at the platform to which your domain is pointed.
NOTES
Any changes in the DNS zone (adding, removing, editing DNS records, etc.) trigger propagation which can take up to 24 hours; your emails may still appear unauthenticated until DNS propagation is over