Cloudflare's DMARC Management is a newer offering, still in beta, integrated within its much broader suite of security and performance products. We find its DMARC features are foundational, focusing on the core aspects of DMARC reporting and enforcement. As part of a larger ecosystem, it benefits from Cloudflare's extensive infrastructure and threat intelligence.
The DMARC functionality within Cloudflare is designed to be straightforward for users already familiar with their platform. It collects DMARC aggregate (RUA) and forensic (RUF) reports, providing visibility into email authentication results. We observe it leverages Cloudflare's existing DNS management capabilities, making setup relatively seamless if your DNS is already hosted with them.
DMARC Monitor offers a more specialized set of features dedicated solely to DMARC reporting and analysis. We've experienced that it provides granular insights into email traffic, helping identify legitimate senders and detect spoofing attempts. Its dashboard is built specifically for DMARC, leading to a focused user experience.
Our direct experience with DMARC Monitor shows it provides detailed breakdowns of DMARC, SPF, and DKIM authentication statuses, often highlighting specific issues that need attention. It aims to simplify the complex task of DMARC implementation and enforcement, providing a clear path to achieve full protection against email impersonation (spoofing).
How easy is each product to use
User experience
Using Cloudflare's DMARC Management, we find the user experience to be consistent with the rest of their platform. If you're already a Cloudflare user, integrating DMARC is intuitive. The dashboard presents DMARC data within the familiar Cloudflare UI, which can be a double-edged sword: familiar for existing users, but potentially overwhelming for new users primarily interested in DMARC.
Our testing indicates that while the DMARC-specific interface is clean, navigating to it within the vast Cloudflare ecosystem requires a bit of searching initially. We appreciate the consolidated approach, but the sheer volume of options can sometimes make the DMARC module feel like a small part of a much larger puzzle, rather than a standalone, focused tool.
DMARC Monitor offers a straightforward and dedicated user experience focused exclusively on email authentication. We've found its dashboard to be highly intuitive, presenting DMARC, SPF, and DKIM reports in an easy-to-digest format. The learning curve is notably shallower for new users, as there are no extraneous features to distract from DMARC management.
In our experience, DMARC Monitor excels at presenting complex data clearly. We particularly like how quickly we can pinpoint issues and understand the impact of policy changes, such as moving from `p=none` to `p=quarantine` or `p=reject`. The simplicity allows us to efficiently analyze report data and make informed decisions about email security policies.
Which product has the best support
Support
Cloudflare's support structure is tiered, often correlating with your subscription level. For its beta DMARC Management, specific support channels might vary. From our experience with Cloudflare generally, free and lower-tier users often rely on extensive documentation and community forums, with direct technical support becoming more accessible at higher paid plans.
We've found that while Cloudflare offers a wealth of self-help resources, getting prompt, personalized assistance for DMARC-specific issues might require being on a business or enterprise plan. Our interactions suggest that basic DMARC questions are usually resolvable through their knowledge base, but complex configurations may demand direct support, which can be slower for non-enterprise users.
DMARC Monitor, as a specialized service, generally provides dedicated support for DMARC-related inquiries. We anticipate a more focused support experience, as their team is entirely geared towards email authentication challenges. This specialization often translates to quicker and more knowledgeable responses for DMARC issues.
Our expectation is that users of DMARC Monitor would benefit from direct access to DMARC experts, potentially through email or a ticketing system, even on their paid plans. Given its focused nature, we would expect a higher level of personalized guidance through the DMARC journey, from initial setup to full enforcement, compared to a broader security platform.
Who should use each product
Suitability
Cloudflare's DMARC Management is best suited for existing Cloudflare users, particularly enterprise and mid-market organizations that are already leveraging Cloudflare for DNS, CDN, and other security services. It's an excellent addition for those looking to consolidate their security stack. For Small to Medium Businesses (SMBs) already on Cloudflare, it offers a convenient, integrated DMARC solution.
For Managed Service Providers (MSPs), Cloudflare offers a comprehensive platform that can manage various aspects of client infrastructure, including DMARC. Its broad feature set and scalability make it suitable for MSPs handling diverse client needs, though DMARC management is still evolving within their offering. New users who aren't already invested in Cloudflare might find it a heavier lift to adopt purely for DMARC.
DMARC Monitor is ideal for any organization, from SMBs to enterprise, whose primary focus is DMARC implementation and email authentication without needing a broader security platform. It's particularly well-suited for businesses seeking a dedicated, easy-to-understand tool to achieve DMARC enforcement quickly and efficiently, regardless of their existing infrastructure.
We believe MSPs would find DMARC Monitor valuable for clients where email security is a critical, standalone project. Its specialized nature means MSPs can become experts in DMARC Monitor quickly, allowing them to provide focused, high-value DMARC services. Its clear reporting and user-friendly interface make it accessible for teams that prefer a streamlined, purpose-built solution over a multi-faceted platform.
How does Cloudflare compare with DMARC Monitor?
DMARC report analysis
Aggregate (RUA) and Forensic (RUF) report processing and visualization.
Provides essential DMARC report processing and insights.
Offers comprehensive DMARC report analysis with detailed breakdowns.
Source detection
Ability to identify email sending sources.
Identifies email sending sources as part of DMARC reporting.
Strong capabilities in identifying all email sending sources.
Forward detection
Identifies legitimate email forwarding.
Basic forwarding detection to prevent misinterpretation of DMARC results.
Robust forwarding detection to accurately assess authentication outcomes.
Spoof detection
Detects unauthorized use of your domain.
Leverages DMARC to detect and help mitigate email spoofing attempts.
Core functionality to identify and alert on email spoofing.
Notifications and alerts
Proactive alerts on DMARC issues.
Offers alerts for DMARC non-compliance or unusual activity.
Provides comprehensive notifications and alerts for DMARC events.
Reporting
Customizable reports and data export.
Includes reporting within the Cloudflare dashboard.
Dedicated reporting features designed for DMARC insights.
API
Programmatic access to DMARC data.
Part of Cloudflare's extensive API ecosystem.
API access is not a highlighted feature, focused on GUI.
Multi-tenancy
Manage multiple domains or client accounts.
Supported through Cloudflare's organizational features.
Designed to manage multiple domains or client accounts.
SPF flattening
Simplifies complex SPF records.
Not explicitly a DMARC feature, handled by DNS services separately.
Offers SPF flattening to overcome 10-lookup limit.
Hosted DMARC
Managed DMARC records.
Integrates with Cloudflare's DNS for easy DMARC record management.
Manages DMARC DNS records for simplicity.
BIMI
Brand Indicators for Message Identification.
Not a primary feature of their DMARC offering.
Supports BIMI record setup and monitoring.
MTA-STS/TLS-RPT
Secure email transport protocols.
Focuses on DMARC, not direct MTA-STS/TLS-RPT management.
Includes monitoring and assistance for MTA-STS/TLS-RPT.
Blocklists and reputation
Monitoring email blocklists (blacklists) and domain reputation.
Not specifically included in their DMARC beta.
Provides insights into blocklist (blacklist) status and reputation.
AI copilot
AI-powered assistance for DMARC management.
Not explicitly offered for DMARC management.
Not an advertised feature.
DNS monitoring
Monitoring of DNS records.
Integral to Cloudflare's core DNS services.
Includes basic DNS monitoring for DMARC relevant records.
Self hostable
Ability to host the solution on your own infrastructure.
A cloud-based SaaS platform.
A cloud-based SaaS platform.
Free trial/free tier
Availability of a free option to try or use the service.
DMARC Management is currently available in a free beta, with free general Cloudflare plans.
Offers a free DMARC report plan.
Drawbacks and what to watch out for
Cloudflare's DMARC offering, while integrated into a powerful ecosystem, suffers from issues often reported with their broader support and billing. Users highlight unresponsiveness and difficulties getting technical questions answered, especially on lower tiers. DMARC Monitor, lacking public reviews, presents a blank slate, but we would look for clarity on its support responsiveness and any potential hidden complexities for advanced use cases.
We have pulled the average ratings from G2 for each product, and also included the most recent negative reviews for each product in full. Positive reviews tend to have less detail and have a higher chance of being fraudulent, so negative reviews are a better signal for your decision.
4.5 / 5(561)
0 / 5(0)
Horrible Support and Billing - They run with your money and don't care to get billing correct
0.0 / 5
What do you like best about Cloudflare Application Security and Performance? Ease of deployment, dashboard and configurations for the WAF, Cache, and other features are top tier with ease, settings, and logging. Just don't have an issue with them or you're on your own. Also, don't keep a credit card on file or they'll bill you for their mistakes. What do you dislike about Cloudflare Application Security and Performance? Customer support and billing. Their support does not read what you have to say but rather comes in with their own interpretation of what has happened and forces their views on your issue rather than trying to understand exactly what is happening. On two occassions in the last few months I have had this happen when I encountered an issue with the core product and their billing. The billing should be detailed further as it is sketchy business practices. Back in April they changed their billing software and charged me incorrectly for a month as it included the previous month as well (which I already paid). I brought this to their attention and the billing support assured me that it was not a problem. Come last week, they limited my account as I "had unpaid biling" so I contacted them again and brought attention to this wrong invoice that they never corrected. Come yesterday, they just charged my credit card on file without my authorization or explanination of what is going on. I've replied to the open ticket and created a new ticket and no one is answering. I don't want to be a drama case but this is ridiculous to have been charged something from months ago and not been given an explanation. What problems is Cloudflare Application Security and Performance solving and how is that benefiting you? Improve the security and performance of our websites/applications. Their configurable/customizable WAF, CDN/Caching, bot mitigation, and DDoS protection accomplish this for our websites/applications.
Jim M.
Owner Small-Business (50 or fewer emp.)
No G2 reviews
G2 is the most popular review platform for DMARC products, so this is a strong signal that this product is not popular.
Support very unresponsive. Not understanding P1 urgency. Delayed project 3 whole days.
0.0 / 5
What do you like best about Cloudflare Application Security and Performance? The website is intuitive, implementation steps are straightforward. It has numerous features, and they are indeed needed by a web app. What do you dislike about Cloudflare Application Security and Performance? If your implementation goes well, it's fine. However, if you are in trouble, the support doc is useless. You pay for the pro plan to try to get some technician support. No one cares about your business or service, even if you identify it as a P1 urgency. My project was down and could not get anyone to help me when I identified it as a high-impact ticket. What problems is Cloudflare Application Security and Performance solving and how is that benefiting you? The ticket support system is horrible. No technicians provide you with timely manner answers and support. Not worth the price.
Andrew Z.
Small-Business (50 or fewer emp.)
WAF is good, but so many half baked side features
2.5 / 5
What do you like best about Cloudflare Application Security and Performance? The WAF is pretty industry standard. Its not too slow, gets regular updates, easy to deploy and cheap What do you dislike about Cloudflare Application Security and Performance? The side features are just trash. Its clear they have been shipped and dropped. Cloudflare Bot Detection should not exist. Its not even funny how easy it is to bypass. Page Shield is a joke, their API security is a joke. What problems is Cloudflare Application Security and Performance solving and how is that benefiting you? OWASP top 10
Verified User in Computer Software
Small-Business (50 or fewer emp.)
Love the product- support could use some work
2.5 / 5
What do you like best about Cloudflare Application Security and Performance? Super easy to use. Very developer friendly. Tons of value for price. Undoubtedly #1 in WAF. What do you dislike about Cloudflare Application Security and Performance? Could use some better support. No direct channels for tech questions. What problems is Cloudflare Application Security and Performance solving and how is that benefiting you? It's providing great security for our web app.
Verified User in Computer Software
Mid-Market (51-1000 emp.)
Don't Pay for Support
2.5 / 5
What do you like best about Cloudflare Application Security and Performance? In general, cloudflare is really easy to navigate, especially for simple DNS and domain management. Unless you have a complicated setup, I find it easy enough to move a domain or simply manage DNS for most sites. What do you dislike about Cloudflare Application Security and Performance? Their support is terrible. Had an issue with a client's DNS and the person I was talking to clearly didn't have a clue what they were talking about. They took so long between answers, it seemed like they were just asking someone else. Ultimately, they were of no help and we were out the money we paid to have live support. What problems is Cloudflare Application Security and Performance solving and how is that benefiting you? Makes DNS and Security easy for most websites and domains.
Verified User in Marketing and Advertising
Small-Business (50 or fewer emp.)
Pricing
Cloudflare's DMARC Management is currently in beta and aims for enterprise users, whereas DMARC Monitor offers both free and paid plans, but requires contacting them for detailed pricing.
Small
Up to 10k emails / month
Free beta, contact sales for post-beta pricing.
Free DMARC report plan available, contact for paid plans.
Medium
Up to 100k emails / month
Free beta, contact sales for post-beta pricing.
Contact for pricing on paid plans.
Large
Up to 1 million emails / month
Free beta, contact sales for post-beta pricing.
Contact for pricing on paid plans.
Enterprise
Over 1 million emails / month
Free beta, contact sales for post-beta pricing.
Contact for pricing on paid plans.
Suped hard sell incoming!
Still not satisfied with Cloudflare or DMARC Monitor?
4.5 / 5(561)
