Sending an email to a *.mil address with Symantec Messaging Gateway (SMG) without proper SPF/DKIM/DMARC configuration results in failure of delivery.
550 #5.7.5 DKIM unauthenticated mail is prohibited; Verify DKIM key length is >= 1024B
The Defense Information Systems Agency (DISA) is requiring all external senders to use sender authentication when sending to a .mil email address. If a sender does not have SPF/DKIM/DMARC configured, the DISA-run .mil servers will automatically reject the mail.
For assistance in setting up these settings, there are varied tools online that can assist. Providers such as MXToolbox have tools that can help create the DNS records needed.