Cloudflare offers DMARC management as an integrated part of its expansive security and performance ecosystem. We find its DMARC features integrate seamlessly with other services, providing a comprehensive view of email authentication alongside web security.
The platform focuses on delivering enterprise-grade solutions, offering robust analytics, reporting, and enforcement capabilities. We've seen it provide valuable insights into DMARC compliance, helping to identify and mitigate email fraud effectively.
DMARC-SRG is a highly focused, self-hosted PHP tool specifically designed for DMARC report parsing and generation. We appreciate its direct, no-frills approach to email authentication data analysis.
It's built for those who desire granular control over their DMARC data, offering the essential tools for analysis without the extensive, broader feature set found in commercial platforms. Its utility is in its simplicity and directness.
DMARC-SRG
How easy is each product to use
User experience
DMARC-SRG
Navigating Cloudflare's dashboard for DMARC can sometimes feel like finding a needle in a haystack, given the sheer volume of other services offered. While generally intuitive for its vast feature set, we've observed that users focusing solely on DMARC might experience a steeper initial learning curve due to the platform's breadth.
The DMARC setup process is guided, but configuring deeper DMARC settings and policies often requires familiarity with the broader Cloudflare environment. It's powerful, but also requires commitment to their ecosystem.
The user experience with DMARC-SRG is very much a do-it-yourself endeavor. It isn't a polished SaaS interface with fancy graphs and drag-and-drop features, but rather a collection of scripts and a web-based viewer that you manage.
For those comfortable with server environments and PHP, it offers a straightforward way to process DMARC reports directly. Its simplicity is truly its strength, as it eliminates unnecessary complexities for basic DMARC monitoring and analysis.
DMARC-SRG
Which product has the best support
Support
DMARC-SRG
Cloudflare's support can be a mixed bag, a common theme we've observed across many large platform providers. For paying customers, particularly on higher tiers, we've found responses to be generally helpful and detailed. However, users on lower-tier plans frequently report slower response times and less direct access to technical assistance.
Their extensive documentation and active community forums are invaluable resources for self-help, but obtaining personalized DMARC support might sometimes require a fair bit of patience or an upgraded subscription.
As an open-source project, DMARC-SRG relies primarily on community support. Users typically turn to GitHub issues, forums, or self-help documentation provided by the project's contributors. There's a strong sense of community, but no formal service level agreement.
We've experienced that solutions are often found by diving into the code, experimenting, or relying on contributions from other users facing similar challenges. There's no dedicated support team, so a significant degree of technical independence and problem-solving skill is essential.
DMARC-SRG
Who should use each product
Suitability
DMARC-SRG
Cloudflare is an excellent choice for organizations seeking a holistic security solution. It's particularly well-suited for enterprises that require a scalable, integrated platform covering DMARC alongside other web security, performance, and compliance features, often benefiting from custom support.
It's also a strong contender for Managed Service Providers (MSPs) managing numerous clients who already utilize Cloudflare for web security, as the DMARC solution integrates neatly into their existing management ecosystem. For Small to Medium Businesses (SMBs), it can be a good option if they are already leveraging Cloudflare's broader services and want to consolidate vendors.
DMARC-SRG is best suited for technically proficient individuals or small organizations with specific requirements for an in-house, highly customized DMARC reporting tool. It caters to those who value complete control over their data and infrastructure.
It is less ideal for Managed Service Providers (MSPs) due to the significant manual setup and ongoing maintenance overhead required for each client instance. Large enterprises generally won't find it suitable unless they have substantial internal development resources dedicated to maintaining open-source solutions. Tech-savvy SMBs, however, can leverage it as a no-cost DMARC reporting tool if they have the expertise to deploy and manage it.
DMARC-SRG
How does Cloudflare compare with DMARC-SRG?
DMARC-SRG
DMARC report analysis
Processes and interprets DMARC aggregate and forensic reports.
Helps distinguish legitimate email forwarding from spoofing attempts.
Spoof detection
Identifies unauthorized use of your domain in email sending.
Notifications and alerts
Provides real-time or periodic alerts on DMARC events.
Requires custom scripting for alerts.
Reporting
Offers customizable reports and dashboards for DMARC data.
Basic reporting features.
API
Provides an API for programmatic access to DMARC data and configuration.
Not designed with a public API.
Multi-tenancy
Supports managing DMARC for multiple domains or clients from a single account.
Single instance per deployment.
SPF flattening
Combines multiple SPF records to stay within the 10-lookup limit.
Requires manual management.
Hosted DMARC
The DMARC service is managed and hosted by the provider.
Requires self-hosting.
BIMI
Support for Brand Indicators for Message Identification (BIMI).
No native BIMI support.
MTA-STS/TLS-RPT
Support for MTA-Strict Transport Security and TLS Reporting.
No native support.
Blocklists and reputation
Monitors blocklists (or blacklists) and sender reputation.
Focuses solely on DMARC reports.
AI copilot
Utilizes AI for advanced insights or automated actions.
DNS monitoring
Monitors changes and health of DNS records.
Not a DNS monitoring tool.
Self hostable
Can be installed and run on your own servers.
Free trial/free tier
Offers a way to try or use the product without initial cost.
Open-source, completely free.
Drawbacks and what to watch out for
Cloudflare's DMARC offering, while part of a comprehensive suite, can unfortunately suffer from the same support challenges and potentially escalating pricing concerns that we've seen across its wider product ecosystem, particularly affecting non-enterprise users. DMARC-SRG, on the other hand, being a self-hosted open-source solution, inherently comes with the significant burden of manual setup, ongoing maintenance, and a complete absence of dedicated commercial support, which can be a double-edged sword for many.
We have pulled the average ratings from G2 for each product, and also included the most recent negative reviews for each product in full. Positive reviews tend to have less detail and have a higher chance of being fraudulent, so negative reviews are a better signal for your decision.
4.5 / 5(561)
DMARC-SRG
0 / 5(0)
Horrible Support and Billing - They run with your money and don't care to get billing correct
0.0 / 5
What do you like best about Cloudflare Application Security and Performance?
Ease of deployment, dashboard and configurations for the WAF, Cache, and other features are top tier with ease, settings, and logging. Just don't have an issue with them or you're on your own. Also, don't keep a credit card on file or they'll bill you for their mistakes.
What do you dislike about Cloudflare Application Security and Performance?
Customer support and billing. Their support does not read what you have to say but rather comes in with their own interpretation of what has happened and forces their views on your issue rather than trying to understand exactly what is happening. On two occassions in the last few months I have had this happen when I encountered an issue with the core product and their billing.
The billing should be detailed further as it is sketchy business practices. Back in April they changed their billing software and charged me incorrectly for a month as it included the previous month as well (which I already paid). I brought this to their attention and the billing support assured me that it was not a problem. Come last week, they limited my account as I "had unpaid biling" so I contacted them again and brought attention to this wrong invoice that they never corrected. Come yesterday, they just charged my credit card on file without my authorization or explanination of what is going on. I've replied to the open ticket and created a new ticket and no one is answering.
I don't want to be a drama case but this is ridiculous to have been charged something from months ago and not be given an explanation.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
Improve the security and performance of our websites/applications. Their configurable/customizable WAF, CDN/Caching, bot mitigation, and DDoS protection accomplish this for our websites/applications.
Jim M.
Owner Small-Business (50 or fewer emp.)
No G2 reviews
G2 is the most popular review platform for DMARC products, so this is a strong signal that this product is not popular.
Support very unresponsive. Not understanding P1 urgency. Delayed project 3 whole days.
0.0 / 5
What do you like best about Cloudflare Application Security and Performance?
The website is intuitive, implementation steps are straightforward. It has numerous features, and they are indeed needed by a web app.
What do you dislike about Cloudflare Application Security and Performance?
If your implementation goes well, it's fine. However, if you are in trouble, the support doc is useless. You pay for the pro plan to try to get some technician support. No one cares about your business or service, even if you identify it as a P1 urgency. My project was down and could not get anyone to help me when I identified it as a high-impact ticket.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
The ticket support system is horrible. No technicians provide you with timely manner answers and support. Not worth the price.
Andrew Z.
Small-Business (50 or fewer emp.)
WAF is good, but so many half baked side features
2.5 / 5
What do you like best about Cloudflare Application Security and Performance?
The WAF is pretty industry standard. Its not too slow, gets regular updates, easy to deploy and cheap
What do you dislike about Cloudflare Application Security and Performance?
The side features are just trash. Its clear they have been shipped and dropped.
Cloudflare Bot Detection should not exist. Its not even funny how easy it is to bypass.
Page Shield is a joke, their API security is a joke.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
OWASP top 10
Verified User in Computer Software
Small-Business (50 or fewer emp.)
Love the product- support could use some work
2.5 / 5
What do you like best about Cloudflare Application Security and Performance?
Super easy to use. Very developer friendly. Tons of value for price. Undoubtedly #1 in WAF.
What do you dislike about Cloudflare Application Security and Performance?
Could use some better support. No direct channels for tech questions.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
It's providing great security for our web app.
Verified User in Computer Software
Mid-Market (51-1000 emp.)
Don't Pay for Support
2.5 / 5
What do you like best about Cloudflare Application Security and Performance?
In general, cloudflare is really easy to navigate, especially for simple DNS and domain management. Unless you have a complicated setup, I find it easy enough to move a domain or simply manage DNS for most sites.
What do you dislike about Cloudflare Application Security and Performance?
Their support is terrible. Had an issue with a client's DNS and the person I was talking to clearly didn't have a clue what they were talking about. They took so long between answers, it seemed like they were just asking someone else. Ultimately, they were of no help and we were out the money we paid to have live support.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
Makes DNS and Security easy for most websites and domains.
Verified User in Marketing and Advertising
Small-Business (50 or fewer emp.)
Pricing
Cloudflare offers a free beta for its DMARC management, with its full pricing likely integrated into its comprehensive, tiered enterprise plans, while DMARC-SRG stands out as an entirely free, self-hosted open-source project.
4.5 / 5(561)
