I think they’ve technically required DKIM and SPF for a long time, but they have been rolling “improvements” to spam filtering lately, so it’s probably stricter than it used to be.