Aesthetix CRM sends marketing and automated emails through Aesthetix CRM Email, so the way you configure your sending domain, authentication, and sender details directly affects whether your messages reach your patients' inboxes. This article explains the major email standards your practice needs to meet — Google and Yahoo's 2024 sender requirements and the RFC 5322 message-format standard — and how to satisfy them inside Aesthetix CRM.
Note: This article is informational only and describes what Aesthetix CRM's features do and how to use them. It is not legal advice. For your practice's specific obligations under email, privacy, or healthcare regulations, please consult your own compliance or legal advisor.
For step-by-step help authenticating your sending domain (SPF, DKIM, DMARC records) and improving deliverability, see the Email Marketing collection.
Beginning in February 2024, Google and Yahoo began requiring email senders to use email authentication, along with policy changes around consent and engagement. Senders who don't follow these rules may find their emails delayed, blocked, or marked as spam. While the change felt sudden, these practices have long been considered the best way to ensure reliable delivery.
Use the checklist below to make sure your account meets the requirements set by both Google and Yahoo.
A branded sending domain gives you more control over your sender reputation and improves how your practice appears in the inbox. It also removes the generic "sent via" disclaimer that appears when you send from a shared system domain. For bulk senders reaching Google and Yahoo recipients, a branded sending domain is required.
Keep in mind that after you enable a branded sending domain, your sending infrastructure may need a gradual warm-up over the next 2–4 weeks before reaching full sending volume.
For setup steps, see the domain authentication guide in the Email Marketing collection.
What is DMARC? DMARC (Domain-based Message Authentication, Reporting & Conformance) is a standard that builds on SPF and DKIM. It tells mailbox providers how to handle messages that fail SPF, DKIM, or both while claiming to come from your domain — which is how spoofed messages are stopped.
Do you need to act? If you do not already have a DMARC record — and especially if you send more than 5,000 emails per day (counted across all sub-accounts that share a sending domain) — you should add one to your DNS.
Implementation steps:
Use a free DMARC checker such as Dmarcian to see whether you already have a record. Enter your root domain (e.g., yourdomain.com) and click inspect. If you see "Hooray! Your DMARC record is valid," you're all set — skip the remaining steps. If not, continue.
Visit your DNS hosting provider and create a new DNS record.
Choose TXT as the record type.
Set the Host/Name value to: _DMARC (adjust if your provider requires the full host, e.g., _dmarc.yourdomain.com).
In the Content/Value field, enter a basic policy: v=DMARC1; p=none;
Save the record, then use Dmarcian to confirm it was added (it may take a few minutes to register). You can also send yourself a test email and inspect the header. In Gmail, open the message, click the three-dots icon, and choose "Show original" to view the header and confirm DMARC passed.
Every DMARC record must specify a policy — none, quarantine, or reject. Gmail's minimum requirement is p=none. For stronger protection you can move to enforcement with p=quarantine or p=reject, but this takes extra care: you must account for every third-party service that sends on your domain's behalf, and an incorrect record can disrupt delivery. Google recommends tightening your DMARC policy gradually over time. Consider working with a technical advisor when moving to enforcement.
Align your "From" address with your branded domain so your email identity is cohesive and recognizable. To stay aligned with DMARC standards, the domain in your "From" address must match the root domain of your branded sending domain. For example, if your branded sending sub-domain is mail.yourpractice.com, the root domain is yourpractice.com, so a "From" address like [email protected] stays aligned.
Double-check the "From" addresses in all of your automated (flow) emails and campaigns to make sure they're aligned. If you're a bulk sender, complete your move to a branded sending domain before sending to Google and Yahoo recipients.
Why it matters: Gmail and Yahoo enforce a DMARC quarantine policy on their own domains. If your emails appear to be sent from a Gmail or Yahoo address, your deliverability can suffer.
What to do: Don't use a public mailbox address as your sending "From" address. In short, don't send campaign or automated email claiming to be from [email protected], [email protected], or similar. Use your own branded domain instead.
Senders must make it simple for recipients to stop receiving emails. People who no longer want your messages shouldn't have to hunt for the unsubscribe option.
Aesthetix CRM Email can automatically include an unsubscribe link in the footer of all your emails — turn this option on so every message carries it.
One-click unsubscribe: Aesthetix CRM helps you meet the one-click unsubscribe requirement automatically. A one-click list-unsubscribe option is added to the header of every message you send, except for 1:1 emails. Here, "header" refers to the behind-the-scenes message information that includes sender and authentication details — not something your recipient sees as text. The way one-click unsubscribe appears varies by email provider.
Your task: before sending, review your campaign templates and automated emails and make sure there's a clear, easy-to-find unsubscribe link somewhere in the email body — the footer is the most common spot. It doesn't have to be one-click in the body, but it should be obvious to recipients.
Only send to people who actually want your emails. Just as you wouldn't want an uninvited stranger in your home, you shouldn't email people without permission.
If too many recipients mark your messages as spam, your emails can be delayed, sent to the spam folder, or not delivered at all. Google and Yahoo expect senders to stay under a 0.30% spam complaint rate (about 3 complaints per 1,000 emails), and you should aim to keep complaints below 0.10% (about 1 per 1,000).
You can review Yahoo spam complaints in your Spam Reports. Gmail handles spam complaints privately to protect user information, so Gmail complaints are not tracked in Aesthetix CRM email metrics. To monitor Gmail complaints, use Google Postmaster Tools.
RFC 5322 is the official specification that governs how an email message must be formatted. When your headers, sender addresses, or message structure violate these protocols, receiving servers can refuse delivery outright — so a few formatting mistakes can cause hard rejections even when authentication is set up correctly.
If your emails are bouncing for format reasons, the bounce messages often look like one of these:
"The email was rejected because the From header or domain does not meet required technical standards"
"The message was rejected due to protocol or formatting issues, causing the connection to be refused"
"The message was rejected due to a mail loop or excessive hops, violating email transmission standards"
"The sender address or message format does not meet email standards or is not accepted by the recipient server"
"The email message does not meet required formatting or header standards, such as missing or invalid From header or disallowed characters"
"The message was blocked due to content or attachments violating the recipient's security or content guidelines"
"The email message format or headers do not comply with required standards"
"The sender address format does not comply with email standards (RFC 5321/5322)"
The standard defines:
Proper email header structure and formatting
Valid sender address formats and character restrictions
Message routing protocols and hop limits
Required and optional header fields
Character encoding for international content
The most common violations fall into three groups:
Header issues
Missing or malformed From header
Invalid characters in the sender name or address
Improper date formatting in headers
Excessive or malformed Received headers
Address format problems
Special characters that aren't properly encoded
Missing angle brackets around email addresses
Invalid domain name formatting
Improper use of display names
Message structure issues
Mail loops causing excessive hops
Line length over 998 characters
Missing required message boundaries
Step 1: Audit all sender configurations
Inconsistent or malformed sender details are the most frequent cause of these rejections. Review every place your practice sets a "From" name and address:
Campaign sender settings: Go to Marketing → Email → Campaigns, open each campaign with delivery issues, click the email step, and review the "From Name" and "From Email" fields.
Workflow email actions: Go to Automation → Workflows, open any workflow that sends email, click each "Send Email" action, and review the sender name and address.
Bulk action email settings: Go to Contacts → Bulk Actions and review the sender name and email fields, making sure they're consistent with your authenticated sending domains and your campaign standards.
Standardize all sender information across those touchpoints:
Use only alphanumeric characters, spaces, and basic punctuation in sender names.
Remove special characters like quotes, brackets, or symbols from sender names.
Make sure email addresses follow the [email protected] format with no special characters.
Keep display names under 64 characters.
Use consistent sender-name formatting everywhere.
Confirm all sender email addresses are properly authenticated.
Verify reply-to addresses are valid and properly formatted.
You're in good shape when every campaign, workflow, and bulk-action email uses consistent, compliant sender information with standard characters in the display names.
Step 2: Validate your email templates
Go to Marketing → Emails → Templates and open any template with delivery issues.
Verify that no line exceeds 998 characters, and test the template across different email clients.
Step 3: Use external validation tools
Mail-Tester.com: Send a test email from your campaign, workflow, or bulk action to the address it provides, then review the compliance report and address any flagged violations.
MXToolbox Email Header Analyzer: Copy the headers from a delivered message, paste them into the analyzer, and review the warnings and errors.
RFC 5322 validator tools: Use an online RFC compliance checker to validate address formats before importing contacts and to test overall message structure.
Immediate fixes (1–2 hours): Correct sender-address formatting across campaigns, workflows, and bulk actions. You should see RFC rejections drop right away.
Template optimization (2–4 hours): Review and fix all email templates for proper structure to eliminate message-format violations.
Validation and testing (1–2 days): Test thoroughly across every sending method until delivery is consistent.
Regular sender audits: Review sender information in campaigns, workflows, and bulk actions monthly.
Template validation: Check templates for compliance before deploying them.
External testing: Run a Mail-Tester.com check weekly to catch issues early.
Bounce monitoring: Watch your delivery reports for RFC compliance error patterns.
Consistent configuration: Use the same compliant sender details, standard character sets, and valid email formats across every email touchpoint.
If RFC 5322 rejections persist:
Document the specific errors: Collect the exact bounce messages and note which sending method triggered each one.
Test systematically: Send test emails from campaigns, workflows, and bulk actions separately to isolate the source.
Review recent changes: Check for recent edits to sender information or templates.
Cross-reference settings: Make sure sender details are consistent across all of your email sending methods.
Do these requirements apply to my practice if I only send a few emails?
The authentication best practices (branded domain, SPF, DKIM, DMARC) help everyone's deliverability, and a visible unsubscribe option is expected on all marketing email. The stricter bulk-sender rules — like a required DMARC record — apply most directly when you send more than 5,000 emails per day, but following all of the practices above keeps your messages reaching the inbox regardless of volume.
What's the difference between SPF, DKIM, and DMARC?
SPF and DKIM are two authentication methods that prove an email genuinely came from your domain. DMARC sits on top of them and tells receiving servers how to handle messages that fail those checks. You generally want all three configured. See the Email Marketing collection for authentication setup.
Aesthetix CRM Email already adds one-click unsubscribe — do I still need an unsubscribe link in my email body?
Yes. The automatic one-click option lives in the message header (behind the scenes). You should still include a clear, visible unsubscribe link in the body of your campaigns and automated emails, typically in the footer.
Why don't I see Gmail spam complaints in my reports?
Gmail handles spam complaints privately to protect user information, so they aren't included in Aesthetix CRM email metrics. To monitor Gmail complaints, use Google Postmaster Tools. Yahoo complaints do appear in your Spam Reports.
My emails are bouncing even though my domain is authenticated. What now?
Authentication and message format are separate. If the bounce text mentions headers, From address, or "email standards," you're likely hitting an RFC 5322 formatting issue — work through the RFC 5322 resolution steps above, starting with a sender-configuration audit.
