As for DMARC in the headers, I'm pretty sure Google has done that for years when DMARC is being checked (i.e. when it's being offered by the sending domain).
As long as I can remember there have been 3 lines in “Show Original”: SPF, DKIM, DMRARC.
Google does have newish (early 2024) policy regarding messages purporting to be from domains which lack a DMARC policy statement. But this is about mail delivery, not the Show Original UI feature. It’s possible they have been only slowly ramping up implementation or perhaps your domain was previously under the threshold but is now over.
Maybe when the record for that domain existed, it showed up even then. But I checked this for few emails older than May, and it is not there until 1st of May, where it is failing, if record does not exist.
Is this new? Some time back (a year back or so), CloudFlare pushed setting up SPF, DKIM, DMRARC the right way and I did so for a lot of my domains. That was the time I read about Google and others being more strict about email deliveries.
This overview also shows other requirements you may have missed: https://www.proofpoint.com/us/blog/email-and-cloud-threats/g...
As for DMARC in the headers, I'm pretty sure Google has done that for years when DMARC is being checked (i.e. when it's being offered by the sending domain).
(and yes, this was supposed to be enforced last year)
Google does have newish (early 2024) policy regarding messages purporting to be from domains which lack a DMARC policy statement. But this is about mail delivery, not the Show Original UI feature. It’s possible they have been only slowly ramping up implementation or perhaps your domain was previously under the threshold but is now over.
https://blog.google/products/gmail/gmail-security-authentica...
https://news.ycombinator.com/ask for other examples.