Is Cloudflare DMARC Management really free?

Currently, Cloudflare DMARC Management is available in beta and is free to join the waitlist. While Cloudflare offers various free plans for its broader services, specific pricing for the DMARC solution post-beta is not yet fully detailed, but general free tiers often exist for basic usage.

Does MyDMARC offer a free plan?

Yes, MyDMARC has a permanent free plan. It allows for monitoring one domain with 7-day data retention and daily DMARC report parsing, which is a great way to start your DMARC journey without any cost.

Which product is better for beginners in DMARC?

MyDMARC generally offers a more focused and guided experience specifically designed for DMARC implementation, making it very beginner-friendly. Its simplified dashboard and step-by-step approach help newcomers navigate the complexities of DMARC more easily.

Can Cloudflare provide email deliverability insights beyond DMARC?

Cloudflare's DMARC Management primarily focuses on email authentication reporting. While Cloudflare offers broad security and performance services, its DMARC tool does not extend into full-scale email deliverability testing or inbox placement monitoring, which are typically found in specialized email deliverability platforms.

Do both products support SPF flattening?

Yes, both Cloudflare and MyDMARC offer SPF flattening. This feature is crucial for domains that send email from multiple services, as it helps consolidate SPF records to prevent exceeding the 10-lookup DNS limit, which can cause SPF authentication failures.

Cloudflare vs MyDMARC

Choose Cloudflare for comprehensive web security, MyDMARC for dedicated DMARC simplicity.

4.5 / 5(561)

Compare to Suped

0 / 5(0)

Compare to Suped

Compare product functionality

Feature set

Cloudflare's DMARC Management (beta) is part of its broader security ecosystem. It provides DMARC reporting and analysis capabilities, allowing us to gain visibility into email authentication results and identify potential spoofing attempts. We find it integrates well for users already leveraging Cloudflare for other web services, offering a consolidated view of security.

While Cloudflare's DMARC solution provides fundamental insights into DMARC, SPF, and DKIM, it focuses on reporting rather than offering extensive email deliverability tools beyond authentication. Its strength lies in its ability to quickly show authentication failures and aggregate data, which is useful for initial DMARC policy enforcement.

MyDMARC offers a dedicated suite of tools specifically for DMARC reporting and enforcement. We've seen it provide detailed DMARC aggregate (RUA) and forensic (RUF) reports, breaking down email sources and authentication results with granular insights. This allows us to pinpoint unauthorized senders and configure DMARC policies effectively.

Beyond basic reporting, MyDMARC includes features like SPF flattening and hosted DMARC, which simplify the technical implementation for many organizations. It's designed to guide users through the DMARC journey, from monitoring to enforcement, with features aimed at improving overall email deliverability and preventing email spoofing.

How easy is each product to use

User experience

Cloudflare's dashboard is generally known for its intuitive design and ease of navigation, especially for those familiar with its other services. The DMARC reporting interface, being part of this broader platform, maintains a consistent user experience. We found the setup process relatively straightforward, primarily involving DNS record configuration.

However, for users solely interested in DMARC without prior Cloudflare engagement, the extensive features of the wider platform might feel a bit overwhelming initially. The DMARC specific sections are clear, but navigating the larger Cloudflare environment can have a learning curve.

MyDMARC provides a focused and streamlined user experience, specifically tailored for DMARC management. Its dashboard presents DMARC data in an easily digestible format, with clear graphs and tables that highlight key metrics like legitimate vs. illegitimate email traffic. We found the onboarding process to be very guided.

The specialized nature of MyDMARC means there's less clutter, allowing users to concentrate purely on their DMARC deployment. The interface simplifies complex DMARC concepts, making it accessible even for those less technically inclined. The step-by-step guidance for DMARC policy changes is particularly helpful.

Which product has the best support

Support

Cloudflare offers tiered support, with faster response times and more dedicated assistance available on higher-tier (paid) plans. For free or lower-tier users, support primarily relies on extensive documentation, community forums, and email tickets. Our experience suggests that while the documentation is thorough, direct DMARC-specific support for advanced issues can be slower without a premium plan.

Given Cloudflare's vast array of services, getting highly specialized DMARC support might sometimes require patience, as the general support team may need to escalate. However, their online resources are comprehensive for common queries.

MyDMARC emphasizes customer support as part of its offering, particularly with its Pro plan which includes priority email support. For basic plans, users typically rely on standard email support. We've found their support team to be knowledgeable specifically about DMARC, which is a significant advantage.

Because MyDMARC is a specialized product, their support staff are highly focused on DMARC, SPF, and DKIM issues. This often leads to more relevant and quicker resolutions for DMARC-related challenges, making it a strong contender if dedicated DMARC expertise is a priority for your support needs.

Who should use each product

Suitability

Cloudflare's DMARC Management is best for organizations already using (or planning to use) Cloudflare for their broader web infrastructure, including DNS, CDN, and security services. It offers a convenient, integrated solution for DMARC alongside other critical functions.

It is suitable for:

- SMBs looking for a unified web security and DMARC solution, especially if they are cost-conscious and can leverage Cloudflare's free offerings for DMARC monitoring. However, comprehensive DMARC enforcement might require deeper technical understanding or higher-tier Cloudflare plans.

- Enterprise clients who already have extensive Cloudflare deployments and want to consolidate their security vendors. Their ability to handle large data volumes makes them a viable option, though specialized DMARC teams might find the DMARC features less granular than dedicated tools.

- MSPs might find it useful for clients already on Cloudflare, but managing DMARC across diverse client environments could require more specialized tooling.

MyDMARC is ideal for any organization, from small businesses to enterprises, that needs a focused, user-friendly, and effective DMARC reporting and enforcement solution. It's particularly good for those who may not have deep DMARC expertise in-house.

It is suitable for:

- SMBs who need a clear, guided path to DMARC enforcement without getting bogged down by overly complex dashboards or features unrelated to email authentication. The free and basic plans offer good starting points.

- Enterprise clients seeking a robust DMARC solution with features like SPF flattening and real-time parsing, without necessarily being tied to a larger security platform. It provides the necessary depth for complex DMARC deployments.

- MSPs will find MyDMARC's focused approach valuable for managing DMARC for multiple clients, offering an efficient way to deploy and monitor DMARC across various domains. Its simplicity reduces the learning curve for their teams.

How does Cloudflare compare with MyDMARC?

DMARC report analysis

Aggregated and forensic report parsing and visualization.

Source detection

Ability to identify and categorize legitimate and illegitimate sending sources.

Forward detection

Detection of email forwarding that might break DMARC authentication.

Spoof detection

Identify attempts to spoof your domain.

Notifications and alerts

Automated alerts for DMARC failures or policy changes.

Reporting

Comprehensive reports on DMARC compliance and email traffic.

API

Programmatic access to DMARC data and management.

Yes, as part of the broader Cloudflare API.

Not publicly advertised or a core feature.

Multi-tenancy

Manage multiple domains or client accounts from a single interface.

Available through organization accounts.

Not explicitly designed for multiple client management.

SPF flattening

Simplifies SPF records to avoid exceeding the 10-lookup limit.

Hosted DMARC

Option to host DMARC record externally, managed by the provider.

BIMI

Brand Indicators for Message Identification (BIMI) support.

MTA-STS/TLS-RPT

Support for Mail Transfer Agent Strict Transport Security and TLS Reporting.

Part of their broader security offerings.

Not a core feature of their DMARC tool.

Blocklists and reputation

Monitor domain or IP reputation on blocklists (or blacklists).

As part of their wider security portfolio.

Not a primary DMARC monitoring feature.

AI copilot

AI-powered assistance for DMARC analysis and recommendations.

Leverages AI for broader security insights.

Not a publicly advertised feature.

DNS monitoring

Monitor DNS records for changes or issues.

Integral to their DNS service.

Limited to DMARC-related DNS records.

Self hostable

Option to self-host the DMARC reporting solution.

Free trial/free tier

Availability of a free version or trial period.

DMARC Management currently in free beta.

Offers a permanent free plan.

Drawbacks and what to watch out for

Cloudflare's DMARC Management is still in beta, meaning features are evolving, and dedicated DMARC support might not be as mature as more established, specialized DMARC vendors. Its primary drawbacks often revolve around support responsiveness for non-enterprise plans and the potential for a steeper learning curve if you're not already in the Cloudflare ecosystem. For MyDMARC, a key drawback is the lack of public G2 reviews, which makes independent user feedback difficult to gauge. While its dedicated focus is a strength, it might lack some of the broader email security integrations found in larger platforms.

We have pulled the average ratings from G2 for each product, and also included the most recent negative reviews for each product in full. Positive reviews tend to have less detail and have a higher chance of being fraudulent, so negative reviews are a better signal for your decision.

4.5 / 5(561)

0 / 5(0)

Horrible Support and Billing - They run with your money and don't care to get billing correct

0.0 / 5

What do you like best about Cloudflare Application Security and Performance? Ease of deployment, dashboard and configurations for the WAF, Cache, and other features are top tier with ease, settings, and logging. Just don't have an issue with them or you're on your own. Also, don't keep a credit card on file or they'll bill you for their mistakes. What do you dislike about Cloudflare Application Security and Performance? Customer support and billing. Their support does not read what you have to say but rather comes in with their own interpretation of what has happened and forces their views on your issue rather than trying to understand exactly what is happening. On two occassions in the last few months I have had this happen when I encountered an issue with the core product and their billing. The billing should be detailed further as it is sketchy business practices. Back in April they changed their billing software and charged me incorrectly for a month as it included the previous month as well (which I already paid). I brought this to their attention and the billing support assured me that it was not a problem. Come last week, they limited my account as I "had unpaid biling" so I contacted them again and brought attention to this wrong invoice that they never corrected. Come yesterday, they just charged my credit card on file without my authorization or explanination of what is going on. I've replied to the open ticket and created a new ticket and no one is answering. I don't want to be a drama case but this is ridiculous to have been charged something from months ago and not been given an explanation. What problems is Cloudflare Application Security and Performance solving and how is that benefiting you? Improve the security and performance of our websites/applications. Their configurable/customizable WAF, CDN/Caching, bot mitigation, and DDoS protection accomplish this for our websites/applications.

Jim M.

Owner Small-Business (50 or fewer emp.)

No G2 reviews

G2 is the most popular review platform for DMARC products, so this is a strong signal that this product is not popular.

Support very unresponsive. Not understanding P1 urgency. Delayed project 3 whole days.

0.0 / 5

What do you like best about Cloudflare Application Security and Performance? The website is intuitive, implementation steps are straightforward. It has numerous features, and they are indeed needed by a web app. What do you dislike about Cloudflare Application Security and Performance? If your implementation goes well, it's fine. However, if you are in trouble, the support doc is useless. You pay for the pro plan to try to get some technician support. No one cares about your business or service, even if you identify it as a P1 urgency. My project was down and could not get anyone to help me when I identified it as a high-impact ticket. What problems is Cloudflare Application Security and Performance solving and how is that benefiting you? The ticket support system is horrible. No technicians provide you with timely manner answers and support. Not worth the price.

Andrew Z.

Small-Business (50 or fewer emp.)

WAF is good, but so many half baked side features

2.5 / 5

What do you like best about Cloudflare Application Security and Performance? The WAF is pretty industry standard. Its not too slow, gets regular updates, easy to deploy and cheap What do you dislike about Cloudflare Application Security and Performance? The side features are just trash. Its clear they have been shipped and dropped. Cloudflare Bot Detection should not exist. Its not even funny how easy it is to bypass. Page Shield is a joke, their API security is a joke. What problems is Cloudflare Application Security and Performance solving and how is that benefiting you? OWASP top 10

Verified User in Computer Software

Small-Business (50 or fewer emp.)

Love the product- support could use some work

2.5 / 5

What do you like best about Cloudflare Application Security and Performance? Super easy to use. Very developer friendly. Tons of value for price. Undoubtedly #1 in WAF. What do you dislike about Cloudflare Application Security and Performance? Could use some better support. No direct channels for tech questions. What problems is Cloudflare Application Security and Performance solving and how is that benefiting you? It's providing great security for our web app.

Verified User in Computer Software

Mid-Market (51-1000 emp.)

Don't Pay for Support

2.5 / 5

What do you like best about Cloudflare Application Security and Performance? In general, cloudflare is really easy to navigate, especially for simple DNS and domain management. Unless you have a complicated setup, I find it easy enough to move a domain or simply manage DNS for most sites. What do you dislike about Cloudflare Application Security and Performance? Their support is terrible. Had an issue with a client's DNS and the person I was talking to clearly didn't have a clue what they were talking about. They took so long between answers, it seemed like they were just asking someone else. Ultimately, they were of no help and we were out the money we paid to have live support. What problems is Cloudflare Application Security and Performance solving and how is that benefiting you? Makes DNS and Security easy for most websites and domains.

Verified User in Marketing and Advertising

Small-Business (50 or fewer emp.)

Pricing

MyDMARC offers clear, tiered pricing suitable for varying needs, including a generous free plan, whereas Cloudflare's DMARC Management is currently in a free beta, with full pricing details for a stable release yet to be announced.

Small

Up to 10k emails / month

Free (beta)

Free (1 domain)

Medium

Up to 100k emails / month

Contact for pricing

$19/month

Large

Up to 1 million emails / month

Contact for pricing

$49/month