Gmail itself doesn't have an enforcing DMARC policy. It doesn't have DNSSEC so you can't get authenticated MX, DKIM, SPF and DMARC records.
They only support authenticated encryption via an MTA-STS policy with 1 day expiry. It's hardly the example of email security people claim.