Enterprises build workflows around internal/partner emails all the time. Thats because they have some control over policies, integrity and trust. But free email services don't make any claims to the identity of the person to which the email account is assigned. Any communications you send to those accounts is out of convenience...not a matter of record, unless you can subpoena the service providers records. You also have to assume that users or services can flag your messages as junk or spam.
A "landing page" is a pretty standard way to deal with security / confirmation matters. It puts you back in control. One of the companies I consult with certifies hospital admissions which contains patient information. They don't transmit that via email but instead send a message to hospital staff that we have certified it and provide a link to the certificate. They have to login to our SharePoint to pick up the certificate. I'm greatly oversimplifying but you get the idea. If those gmail, aol users have web accounts with you, then it should be fairly straight forward to do something similiar.
