If Google can't confirm that an email is coming from the person who appears to be sending it, it treats them as non-authenticated email senders and shows a red question mark as their profile photo:
When you hover over the question mark icon, this message is shown: “Gmail couldn't verify that [domain] actually sent this message (and not a spammer)”.
This notification helps prevent phishing attacks. Although, sometimes, even legitimate senders may be misidentified as unauthenticated. This happens due to a missing SPF record in the sender domain's DNS zone.
If your domain is pointed to Hostinger by nameservers, the SPF record is added by default. To double-check it, follow these steps:
Navigate to the Domains section
Click on Manage next to the domain name in question
Go to the DNS / Nameservers section and search for spf:
If your domain is pointed elsewhere by nameservers, the SPF record needs to be set up at the platform to which your domain is pointed.
The values of the SPF record vary depending on the email service provider, e.g., Hostinger Email, Titan Email, Google Workspace, etc.
Any changes in the DNS zone (adding, removing, editing DNS records, etc.) trigger propagation which can take up to 24 hours; your emails may still appear unauthenticated until DNS propagation is over