Cloudflare's DMARC Management, currently in beta, integrates into their broader security and performance platform. It aims to provide the necessary insights to understand DMARC reports, helping identify email sources and authentication failures. The emphasis here is on leveraging Cloudflare's existing infrastructure for email security.
As part of a comprehensive suite, we found that its DMARC features are designed to complement Cloudflare's other offerings, such as DNS management and WAF. This makes it a compelling option for those already entrenched in the Cloudflare ecosystem, seeking to consolidate their security solutions under one roof.
MXtoolbox's Delivery Center provides a dedicated suite for email deliverability, with DMARC analytics being a core component. It offers DMARC deployment assistance, verified source management, and protection against domain impersonation. We observed a clear focus on email-specific issues.
The platform's features extend to SPF and DKIM configuration monitoring, along with deliverability diagnostics. This specialization allows MXtoolbox to offer deep insights into email flow and potential issues, making it a strong contender for those whose primary concern is robust email deliverability and authentication.
How easy is each product to use
User experience
Cloudflare's dashboard is generally intuitive, especially for those familiar with their other services. Setting up DMARC management involves configuring DNS records within the Cloudflare environment, which is straightforward if your DNS is already managed there. For users new to Cloudflare, there might be a learning curve with the sheer breadth of features.
We found the integration with existing Cloudflare services to be seamless, providing a unified experience. The challenge lies in isolating DMARC specifics from the wider security and performance settings, which can sometimes feel like finding a needle in a haystack if you are only focused on DMARC.
MXtoolbox offers a straightforward, email-centric interface. Its tools are separated, but clearly labeled, making it easy to jump directly to DMARC, blacklist checks, or other email diagnostics. We appreciate this focused approach, as it minimizes distractions for users solely interested in email deliverability.
While the navigation is functional, some might find the interface dated compared to more modern UIs. However, its simplicity is a strength, ensuring that even less technical users can navigate and utilize the core DMARC reporting features without extensive training.
Which product has the best support
Support
Cloudflare's support can vary significantly based on your plan tier. While extensive documentation and a community forum are available, direct customer support for free or lower-tier users can be slow. We've seen reports of issues with billing and unresponsiveness for P1 urgencies, which is a concern for mission-critical services.
For enterprise clients, dedicated support channels are typically available, providing faster and more personalized assistance. However, users on smaller plans should be prepared to rely heavily on self-service options and community resources, which may not suffice for complex DMARC implementation challenges.
MXtoolbox generally provides support through email and phone, with the quality often praised for their responsiveness to general queries. For paid plans, dedicated support channels offer more direct assistance. Some users, however, reported issues with their
30-day guarantee
and difficulties with cancellations, hinting at potential billing-related support challenges.
While the free tools are robust, advanced DMARC deployment assistance on paid plans should come with solid support. We noted that the support ticket option is usually reserved for active subscribers, potentially leaving non-subscribers or those trying to cancel in a lurch.
Who should use each product
Suitability
Cloudflare is best suited for organizations already leveraging their extensive network services, or those seeking a unified platform for web security, performance, and email authentication. For enterprise clients, its scalability and comprehensive feature set can be highly beneficial.
For SMBs, Cloudflare offers a generous free tier for general website protection, but DMARC management is currently in beta with specific pricing unclear. MSPs might find its multi-tenancy capabilities useful for managing various client domains under one umbrella, though the DMARC features are still maturing.
MXtoolbox caters to a wide range of users, from individuals needing quick DNS lookups to businesses requiring detailed email deliverability monitoring. Its strong focus on email health makes it ideal for SMBs and organizations that primarily need to ensure their email outreach is effective and secure.
For MSPs, MXtoolbox's ability to monitor multiple domains and provide detailed reports on email performance is a significant advantage. Enterprise users benefit from advanced features like SPF flattening and extensive blocklist monitoring, though larger scale email volumes might require custom solutions beyond their standard tiers.
How does Cloudflare compare with MXtoolbox?
DMARC report analysis
Ability to parse and visualize DMARC aggregate and forensic reports for insights into email authentication.
Provides insights into DMARC reports, showing authentication results and sending sources.
Offers comprehensive DMARC analytics, helping to interpret aggregate reports effectively.
Source detection
Identifies legitimate and unauthorized sending sources based on DMARC data.
Helps in identifying known and unknown email sending sources within the DMARC reports.
Manages and verifies email sending sources, highlighting new or unauthorized senders.
Forward detection
Recognizes email forwarding chains that can impact DMARC alignment and delivery.
Assists in understanding how forwarding affects DMARC results and email paths.
Provides visibility into forwarding, helping to diagnose potential DMARC alignment issues.
Spoof detection
Identifies attempts to send emails using your domain without authorization.
Actively detects and helps mitigate email spoofing attempts against your domain.
Offers strong domain impersonation protection and highlights spoofing incidents.
Notifications and alerts
Real-time or periodic alerts for DMARC policy changes, new threats, or compliance issues.
Provides customizable alerts for DMARC events and potential security issues.
Delivers alerts for critical email health and DMARC compliance concerns.
Reporting
Comprehensive dashboards and exportable reports on DMARC compliance and email security.
Offers detailed dashboards and reporting for DMARC compliance over time.
Generates various reports on DMARC analytics and overall email deliverability performance.
API
Application Programming Interface for programmatic access to data and features.
Offers extensive API access for integration and automated management of services.
Provides API for integration, including SIEM tools for reputation and contextual lookups.
Multi-tenancy
Ability to manage multiple domains or client accounts from a single interface.
Supports managing multiple domains within a single account, suitable for MSPs.
Allows for the management and monitoring of multiple client domains effectively.
SPF flattening
Feature to optimize SPF records to avoid the 10-lookup limit and improve deliverability.
Not a primary DMARC reporting feature; can be managed via general DNS capabilities.
Explicitly includes SPF flattening as a feature in its Delivery Center Plus plan.
Hosted DMARC
Service that manages your DMARC DNS record for you, simplifying setup and updates.
Facilitates DMARC record deployment as part of its DNS management offerings.
Assists with DMARC deployment and ongoing configuration monitoring.
BIMI
Support for Brand Indicators for Message Identification to display logos in inboxes.
Primarily a DNS and email authentication platform, BIMI management is not a core DMARC reporting feature.
Focused on email deliverability, BIMI support is not a primary offering of its DMARC reporting.
MTA-STS/TLS-RPT
Support for Mail Transfer Agent Strict Transport Security and TLS Reporting.
These advanced email security protocols are not directly covered by its DMARC reporting.
While email security is key, explicit MTA-STS/TLS-RPT features are not prominent for DMARC reporting.
Blocklists and reputation
Monitoring of IP and domain reputation across various email blocklists.
General security offerings, but not specialized in email-specific blocklist (or blacklist) monitoring for DMARC.
Offers weekly and adaptive sender blocklist (or blacklist) monitoring as a core feature.
AI copilot
AI-powered assistant for DMARC analysis, recommendations, and issue resolution.
No explicit AI copilot feature for DMARC analysis has been announced or observed.
Does not currently feature an AI copilot for DMARC analysis or recommendations.
DNS monitoring
Continuous monitoring of DNS records for changes or misconfigurations.
Core offering includes comprehensive DNS management and monitoring capabilities.
Provides tools for DNS lookup and monitoring, crucial for email health.
Self hostable
Option to host the DMARC reporting solution on your own servers.
Cloudflare's services are cloud-based and not designed for self-hosting.
MXtoolbox is a SaaS platform and does not offer a self-hostable solution.
Free trial/free tier
Availability of a free version or a trial period for paid features.
DMARC management is available in beta for free; other free plans exist.
Offers a free tier with weekly blacklist monitoring and a 30-day satisfaction guarantee for paid plans.
Drawbacks and what to watch out for
Cloudflare's DMARC offering is a nascent part of a much larger ecosystem, which sometimes means DMARC-specific support and focus can be diluted. Their primary drawbacks seem to revolve around customer support responsiveness, especially for non-enterprise users, and billing complexities. MXtoolbox, while dedicated to email, faces criticism regarding its 'risk-free' trials, with multiple users reporting issues getting refunds, suggesting questionable business practices in some instances.
We have pulled the average ratings from G2 for each product, and also included the most recent negative reviews for each product in full. Positive reviews tend to have less detail and have a higher chance of being fraudulent, so negative reviews are a better signal for your decision.
4.5 / 5(561)
4.1 / 5(29)
Horrible Support and Billing - They run with your money and don't care to get billing correct
0.0 / 5
What do you like best about Cloudflare Application Security and Performance?
Ease of deployment, dashboard and configurations for the WAF, Cache, and other features are top tier with ease, settings, and logging. Just don't have an issue with them or you're on your own. Also, don't keep a credit card on file or they'll bill you for their mistakes.
What do you dislike about Cloudflare Application Security and Performance?
Customer support and billing. Their support does not read what you have to say but rather comes in with their own interpretation of what has happened and forces their views on your issue rather than trying to understand exactly what is happening. On two occassions in the last few months I have had this happen when I encountered an issue with the core product and their billing.
The billing should be detailed further as it is sketchy business practices. Back in April they changed their billing software and charged me incorrectly for a month as it included the previous month as well (which I already paid). I brought this to their attention and the billing support assured me that it was not a problem. Come last week, they limited my account as I "had unpaid biling" so I contacted them again and brought attention to this wrong invoice that they never corrected. Come yesterday, they just charged my credit card on file without my authorization or explanination of what is going on. I've replied to the open ticket and created a new ticket and no one is answering.
I don't want to be a drama case but this is ridiculous to have been charged something from months ago and not be given an explanation.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
Improve the security and performance of our websites/applications. Their configurable/customizable WAF, CDN/Caching, bot mitigation, and DDoS protection accomplish this for our websites/applications.
Jim M.
Owner Small-Business (50 or fewer emp.)
Business Practices are scammy
0.0 / 5
What do you like best about MXToolbox?
It helped us solve the small issue we had with our emails going to customers spam folder.
What do you dislike about MXToolbox?
I initially signed up online for a month-to-month contract, but then a salesperson got a hold of me and sent me a quote. The quote he sent me was for a year contract which I did not want, so I signed up for the month to month. Once the problem was fixed I tried to cancel and I couldn't do it online. I emailed them and they told me I had to call them. After lots of back and fourth they told me I signed a year contract and I couldn't cancel. I would have never signed up for a year. It was a very scammy business practice. Eventually they stopped responding so I had to stop the payments from my credit card.
Recommendations to others considering MXToolbox:
I don't recommend them because of their shady business practices.
What problems is MXToolbox solving and how is that benefiting you?
fixing a problem with emails going to spam
Sam B.
IT Director Mid-Market (51-1000 emp.)
Support very unresponsive. Not understanding P1 urgency. Delayed project 3 whole days.
0.0 / 5
What do you like best about Cloudflare Application Security and Performance?
The website is intuitive, implementation steps are straightforward. It has numerous features, and they are indeed needed by a web app.
What do you dislike about Cloudflare Application Security and Performance?
If your implementation goes well, it's fine. However, if you are in trouble, the support doc is useless. You pay for the pro plan to try to get some technician support. No one cares about your business or service, even if you identify it as a P1 urgency. My project was down and could not get anyone to help me when I identified it as a high-impact ticket.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
The ticket support system is horrible. No technicians provide you with timely manner answers and support. Not worth the price.
Andrew Z.
Small-Business (50 or fewer emp.)
Think twice before doing their paid plans. Deceptive "risk-free" 30 day trial
0.0 / 5
What do you like best about MXToolbox?
I suspect many of the people responding favorably on this forum are using their free tools. Their free tools are very useful -- but think twice before upgrading to their paid plans.
What do you dislike about MXToolbox?
Like many other software vendors - they make an offer of a risk-free one-month trial. However, they don't actually refund you your money if you cancel before 30 days. Here is my example: I signed up for their delivery center option on November 10, 2018 and was promptly billed $99. I used the service for 2 days, realized the paid features were overkill for my own and customers' needs, so called to cancel November 12 (two days after signup.) They acknowledged my cancellation by email but never credited back my account for the $99.
On December 17th I called their toll-free line. Matt on the phone said ("getting a refund would require managers approval and it's not a certain thing.") No sign of any refund as-yet, no confirmation from the company following the call of what to expect on refund.
On December 15 I emailed. Their response to my email was "Sorry, we can't process that sort of thing by email. Either call or create a support ticket." Unfortunately, the support ticket option is available only for active subscribers -- so you are left with calling their phone system and having no record of exchange. Attached is an image from their website taken December 2018 in which they describe their "risk-free" offer. https://postimg.cc/mhgzm197
In summary -- Be aware that their free trial is not like how most other software vendors manage their trial promotions. They are opportunistic about billing you and (in my experience) don't honor the refund they promise as part of their risk-free trial.
Recommendations to others considering MXToolbox:
Use their free tools (they are good.) Their paid tools are overpriced, and they have a misleading "risk-free" plan that will end up costing you $99.
What problems is MXToolbox solving and how is that benefiting you?
Their free tools will help you diagnose MX configuration issues.
jon b.
Jon Small-Business (50 or fewer emp.)
WAF is good, but so many half baked side features
2.5 / 5
What do you like best about Cloudflare Application Security and Performance?
The WAF is pretty industry standard. Its not too slow, gets regular updates, easy to deploy and cheap
What do you dislike about Cloudflare Application Security and Performance?
The side features are just trash. Its clear they have been shipped and dropped.
Cloudflare Bot Detection should not exist. Its not even funny how easy it is to bypass.
Page Shield is a joke, their API security is a joke.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
OWASP top 10
Verified User in Computer Software
Small-Business (50 or fewer emp.)
Beware their "30 day free trial" of the Delivery Center!
0.5 / 5
What do you like best about MXToolbox?
The free tools are good, and one wouldn't mind paying something for them, but one does object to being defrauded - see below.
What do you dislike about MXToolbox?
Tried to cancel free trial only a couple of days in, but $99 had been taken from my card and they have not responded to repeated requests to end it and refund the money. It looks like attempted fraud.
What problems is MXToolbox solving and how is that benefiting you?
Simple things like reverse DNS lookup helped us to check our email setup.
Alexander S.
Small-Business (50 or fewer emp.)
Love the product- support could use some work
2.5 / 5
What do you like best about Cloudflare Application Security and Performance?
Super easy to use. Very developer friendly. Tons of value for price. Undoubtedly #1 in WAF.
What do you dislike about Cloudflare Application Security and Performance?
Could use some better support. No direct channels for tech questions.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
It's providing great security for our web app.
Verified User in Computer Software
Mid-Market (51-1000 emp.)
Makes email management easy
3.5 / 5
What do you like best about MXToolbox?
-Affordable pricing
-Setting up is very easy
-Useful dashboards
-Makes email reputation checks easier
What do you dislike about MXToolbox?
-This tool covers everything required for email management, there is nothing to dislike about.
What problems is MXToolbox solving and how is that benefiting you?
I have used this tool for domain reputation checking for phising mail analysis also I am using this for some of my projects to check mail deliverability and reputation of the domain to make sure the domain is not being blacklisted due to sending loads of emails.
Nitin R.
Software dev Small-Business (50 or fewer emp.)
Don't Pay for Support
2.5 / 5
What do you like best about Cloudflare Application Security and Performance?
In general, cloudflare is really easy to navigate, especially for simple DNS and domain management. Unless you have a complicated setup, I find it easy enough to move a domain or simply manage DNS for most sites.
What do you dislike about Cloudflare Application Security and Performance?
Their support is terrible. Had an issue with a client's DNS and the person I was talking to clearly didn't have a clue what they were talking about. They took so long between answers, it seemed like they were just asking someone else. Ultimately, they were of no help and we were out the money we paid to have live support.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
Makes DNS and Security easy for most websites and domains.
Verified User in Marketing and Advertising
Small-Business (50 or fewer emp.)
MXToolBox is great for blacklist testing
3.5 / 5
What do you like best about MXToolbox?
MXToolBox is suitable for Blacklists, DMARC, Diagnostics, Email Health, and DNS Lookup checks.
What do you dislike about MXToolbox?
For a free tool, I'd say MXToolBox is pretty top-notch.
What problems is MXToolbox solving and how is that benefiting you?
I used MXToolBox for DNS look-ups and blacklist checks.
Verified User in Marketing and Advertising
Enterprise (> 1000 emp.)
Pricing
Cloudflare's DMARC Management is currently in beta with no public pricing, while MXtoolbox offers a free tier and tiered subscriptions based on email volume.
4.5 / 5(561)
