Share via

How to fix Your email has been blocked because the sender is unauthenticated. Gmail requires all senders to authenticate with either SPF or DKIM. Authentication results: DKIM = did not pass SPF [sympatico.ca] with ip: [2a01:111:f403:d10e::] = did not pass

Jean-Marc Frion 1 Reputation point
2026-03-09T17:27:01.65+00:00

How do I fix : Your email has been blocked because the sender is unauthenticated. Gmail requires all senders to authenticate with either SPF or DKIM. Authentication results: DKIM = did not pass SPF [sympatico.ca] with ip: [2a01:111:f403:d10e::] = did not pass

Outlook | Windows | Classic Outlook for Windows | For home
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. ppavle 5,195 Reputation points Volunteer Moderator
    2026-03-09T17:35:39.82+00:00

    What server are you using for sending emails? SMTP settings in your email client. You should use recommended SMTP server configuration from your provider (sympatico.ca).

    0 comments
  2. Jean-Marc Frion 1 Reputation point
    2026-03-09T17:29:57.05+00:00

    This solution does not work in reality: The ISP (Bell Canada) does not accept this answer. They say that the problem is with Outlook.

    0 comments
  3. Q&A Assist
    2026-03-09T17:27:22.9633333+00:00
    AI generated content. This question contains an answer created with AI from Q&A Assist. Learn more

    Gmail is blocking the messages because the sending domain (sympatico.ca) is failing both SPF and DKIM checks, so the sender is unauthenticated. This is a sender‑side configuration problem, not an Outlook problem on the device.

    To fix it, the owner/admin of the sending domain must correct SPF and/or DKIM so that at least one passes and aligns with the From address domain for DMARC.

    Action steps for the sender domain (sympatico.ca):

    1. Fix SPF failures
      • The error shows SPF [sympatico.ca] with ip: [2a01:111:f403:d10e::] = did not pass, which means the sending IP address is not authorized in the domain’s SPF record or there is an SPF configuration error.
      • The domain owner needs to:
        1. Verify that all legitimate outbound mail servers (including the one with IP 2a01:111:f403:d10e::) are included in the SPF TXT record for sympatico.ca.
        2. Check for SPF syntax issues or lookup errors (spf=temperror or spf=permerror) and correct them.
        3. Reduce unnecessary include: mechanisms and ensure the record does not exceed SPF limits (for example, more than 10 DNS lookups).
      • Once corrected, SPF should show spf=pass for mail from sympatico.ca in the Authentication-Results header.
    2. Fix DKIM failures or absence
      • The error indicates DKIM = did not pass, which means either:
        • There is a DKIM signature but the public key in DNS is missing or does not match, or
        • DKIM is not configured at all for the sending domain.
      • The domain owner needs to:
        1. Enable DKIM signing on the outbound mail system for sympatico.ca.
        2. Publish the corresponding DKIM public key in DNS (CNAME or TXT record) for the selector(s) used.
        3. Confirm that the DKIM signature validates so that dkim=pass appears in the Authentication-Results header.
    3. Ensure DMARC alignment
      • Gmail requires that at least SPF or DKIM passes and is aligned with the From domain.
      • The domain owner should:
        1. Make sure the MAIL FROM (envelope from) domain used for SPF and/or the DKIM signing domain (header.d) matches the visible From domain (sympatico.ca) as required by DMARC.
        2. Verify the DMARC TXT record syntax and policy (for example, p=quarantine or p=reject).
    4. If using intermediary services
      • If mail is routed through third‑party services that modify messages (add banners, disclaimers, etc.), those services can break DKIM and cause DMARC failures.
      • In complex routing scenarios, the recipient side (for example, Microsoft 365 tenants) can:
        • Configure Enhanced Filtering for Connectors.
        • Configure trusted ARC sealers so that valid ARC results can override failures caused by message modification.
      • However, the primary fix still lies with the sender domain correctly configuring SPF and DKIM.

    What the end user can do

    • If using an ISP‑provided address like sympatico.ca, contact that provider’s support and share the exact error text from Gmail. The provider must update SPF and DKIM for their domain; this cannot be fixed from Outlook settings.
    • After the provider corrects SPF/DKIM, new messages should show spf=pass or dkim=pass in Gmail’s message headers and will no longer be blocked for authentication.

    References:

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.