@both in this thread ...
Do a query of mdl_user table:
select id,auth,firstname,lastname,email,password from mdl_user where email like '%gmail.com';
In what is returned, does auth = oauth2 and do you see a password (hashed)?
If you have anything in password, user used gmail.com address but password is in your system ... not using Google IAM.
If you see nothing in password, then you have Google IAM auth setup for your Moodle site.
IF no oauth2's show up, then users might have used their gmail.com address but with
a manual (entered by user) password in your system.
Google might drop those messages to change password - won't be in spam - looks too fishy to Google.
Google over the last year or so, required Google IAM clients to re-certify their mini IAM
app ... especially if site had used an @gmail.com address for the System Account in the IAM setup.
Did that address get any such notifications from Google?
Also, Google and Yahoo are now requiring DKIM to communicate.
That's a DNS thing but the generation of the DKIM info has to be generated from
your
server.
https://moodle.org/mod/forum/discuss.php?d=435481https://docs.moodle.org/403/en/Mail_configuration#DKIMAs is normal when it comes to email, no easy answer and no easy solution can be provided publically in these forums.
'SoS', Ken