Hello, we experienced this problem a few weeks ago. I'm guessing G Suite had upgraded and perhaps deprecated some older ciphers which caused the scan service on our Xerox to stop working (though I did not confirm this nor which specific cipher it was). We have been using the GMail SMTP server configuration method, with a dedicated email account for each printer. We also have 2FA required for our domain but a generated "application password" for the printer has been working fine - the printer does not need to 2FA.
Using the resources at GMail (https://support.google.com/a/answer/176600?hl=en) I tried changing ports, mail server hostname, authentication method, etc. - a whole variety of setting changes but nothing worked. A call with support revealed that lowering our organization's GMail security setting to Allow Insecure Apps would fix the problem, but this was not something we wanted to do. We had considered running a secondary GMail domain just for the scanner, but this also was not an option we wanted to consider.
I found that instead that changing to use the SMTP Relay Service method (option #1 in the link above) instead of a dedicated user on the Gmail SMTP server (#2 in the link above) worked. See the link above for full details, but basically the mail server becomes smtp-relay.gmail.com instead of smtp.gmail.com and the Login Credentials are None instead of SMTP AUTH (this method authenticates by source IP rather than auth). The printer still uses TLS and port 465, although Gmail may be configured to not require TLS for the mail relay service (I suspect if it is configured to require TLS, it may fail for the same reason as the original method failed). Also, for this to work you need to enable the SMTP Mail Relay service in G Suite - see https://support.google.com/a/answer/2956491?hl=en for more info.
We had our printer's bios upgraded by a technician which I had hoped would upgrade the security protocols/ciphers and fix the problem, but it did not. I would hope that in the near future, Xerox would release a bios upgrade that strengthens the SSL/TLS so that Gmail no longer considers it low security. For now, the above workaround is adequate for us. Hope this helps someone.
Cheers,
Albert
P.S. Don't forget to use Internet Explorer and not Chrome or Firefox to change the settings. I spent a good 5 hours changing settings on the printer in Chrome and FireFox to have the SMTP AUTH tickbox always default back to none. Later found out from support this was a javascript incompatibility with those browsers! Using IE my selections were saved properly.