Cloudflare's DMARC Management solution is relatively new to their extensive suite of security and performance products. We find it integrates well with their broader ecosystem, offering a more unified approach to internet asset management. It focuses on simplifying DMARC deployment and providing visibility into email authentication.
The DMARC offering is part of Cloudflare's larger strategy to secure internet properties, meaning it's often used by organizations already leveraging other Cloudflare services. It aims to provide easy-to-understand DMARC reporting, helping users move towards a stricter DMARC policy without the usual headaches.
Report-URI is a long-standing specialist in reporting for various internet security policies, with DMARC being a core part of its offering. We've seen it provide deep insights into DMARC, SPF, and DKIM performance, offering granular data for troubleshooting and policy enforcement. Its focus is purely on reporting and analysis, not broader infrastructure.
The platform excels at taking raw DMARC aggregate and forensic reports and presenting them in an actionable format. It's designed for users who need detailed information about their email streams, including source identification, threat detection, and the impact of their DMARC policy. Its dedicated nature allows for a refined, focused feature set.
How easy is each product to use
User experience
Cloudflare's dashboard is generally known for its user-friendly interface, and its DMARC management is no exception. We found the setup process to be straightforward, especially if you're already managing your DNS through Cloudflare. The reports are presented clearly, making it easy to identify key trends and issues.
However, for those not already within the Cloudflare ecosystem, there might be a slight learning curve to navigate the broader platform. The DMARC specific UI is intuitive, but understanding where it fits within the larger Cloudflare offering can take a moment. Overall, it's designed for efficiency and ease of integration.
Report-URI's user interface is highly functional and designed for email security professionals who need deep dives into data. While it might not have the flashy aesthetics of some newer tools, we appreciate its clarity and the direct access it provides to critical information. The learning curve is moderate, catering to users familiar with email authentication concepts.
The dashboard clearly displays DMARC compliance rates, SPF/DKIM authentication results, and detected sources. We find it allows for effective drill-downs into specific data points, helping to quickly diagnose issues. It prioritizes data presentation and analytical tools over simplified summaries, which can be a double-edged sword depending on your expertise.
Which product has the best support
Support
Cloudflare offers tiered support, with free users relying heavily on their extensive documentation and community forums. For paid plans, we've experienced more direct access to support engineers. However, the quality can vary, and some users report slower response times for non-critical issues.
Their DMARC service is still in beta, which means support for this specific feature might be evolving. While the broader Cloudflare support is robust for core services, we'd advise checking the specifics for DMARC if dedicated, rapid assistance is a high priority for your team.
Report-URI, being a specialized service, generally provides knowledgeable support for DMARC related queries. We found their team to be responsive and helpful, particularly when dealing with complex reporting issues or policy implementations.
As a more focused product, their support staff are typically well-versed in the nuances of email authentication. While it may not offer the same extensive global support infrastructure as a larger company, the specialized expertise can be a significant advantage when you need precise answers to DMARC challenges.
Who should use each product
Suitability
Cloudflare's DMARC Management is best suited for organizations already using or planning to use other Cloudflare services. It's an excellent addition for those seeking a consolidated approach to web security, DNS, and email authentication. SMBs can benefit from the ease of integration if they're already on Cloudflare's platform.
For enterprise clients, it offers a scalable solution that fits into a broader security strategy, especially if they are looking to leverage Cloudflare's extensive global network. MSPs might find it useful if their clients are already Cloudflare users, but it's not designed as a standalone DMARC offering for multi-tenancy.
Report-URI is ideal for organizations or individuals who need a dedicated, in-depth DMARC reporting and analysis tool. It's particularly strong for those who want to understand the granular details of their email flows and have the expertise to act on that information. SMBs with a strong focus on email security can benefit from its specialized features.
Enterprise users with complex email environments or a need for detailed compliance reporting will appreciate its analytical capabilities. For MSPs, Report-URI offers a robust platform for managing multiple client domains, providing the detailed visibility needed to implement and enforce DMARC policies effectively across various clients.
DMARC report analysis
Translates raw DMARC reports into actionable insights.
Provides clear, integrated DMARC reports.
Offers deep, specialized DMARC report analysis.
Source detection
Identifies all sending sources for your domain.
Detects sending sources as part of DMARC reporting.
Accurately identifies all legitimate and fraudulent sources.
Forward detection
Recognizes email forwarding to prevent DMARC failures.
Includes some mechanisms for forward visibility.
Robustly handles and reports on forwarded emails.
Spoof detection
Identifies and reports on unauthorized email sending (spoofing).
Central to DMARC reporting, effective at detecting spoofing.
Highly effective in pinpointing spoofing attempts.
Notifications and alerts
Provides alerts for DMARC policy changes or anomalies.
Offers customizable alerts within the Cloudflare ecosystem.
Provides detailed, actionable notifications for DMARC events.
Reporting
Generates comprehensive DMARC compliance and threat reports.
Produces aggregate DMARC reports.
Delivers in-depth aggregate and forensic reports.
API
Allows programmatic access to DMARC data and configuration.
Extensive APIs available for integration.
Provides API for data retrieval and automation.
Multi-tenancy
Supports managing multiple domains or client accounts from one interface.
Account structures allow for managing multiple domains.
Designed with multi-domain and multi-user capabilities.
SPF flattening
Simplifies complex SPF records to avoid lookup limits.
Offers SPF flattening as part of its DNS features.
Not a primary feature, usually handled by a DNS provider.
Hosted DMARC
Manages your DMARC record, often alongside other DNS records.
Can host your DMARC record via its DNS service.
Assists with DMARC record generation and hosting advice.
BIMI
Brand Indicators for Message Identification support.
Supports BIMI implementation and reporting.
Provides tools and insights for BIMI adoption.
MTA-STS/TLS-RPT
Support for Mail Transfer Agent Strict Transport Security and TLS Reporting.
Comprehensive support for MTA-STS and TLS-RPT.
Offers reporting for TLS-RPT.
Blocklists and reputation
Monitors IP reputation and blocklists.
Integrates with its broader security and threat intelligence.
Focuses primarily on DMARC, not general blocklist monitoring.
AI copilot
AI-powered assistant for insights and actions.
Leverages AI across its security products.
Not a core feature of their current DMARC offering.
DNS monitoring
Monitors DNS records for changes or issues.
Core offering with extensive DNS monitoring.
Focuses on DMARC, not general DNS health.
Self hostable
Option to host the software on your own infrastructure.
Cloud-based SaaS, not self-hostable.
Cloud-based SaaS, not self-hostable.
Free trial/free tier
Availability of a free version or trial period.
DMARC Management currently in free beta with a waitlist, and general free tiers exist.
Offers a free tier for basic DMARC monitoring.
When considering Cloudflare, potential drawbacks often revolve around its support, which can be inconsistent for lower-tier plans or specific beta features like DMARC. Some users also find that its vast array of services can lead to a steep learning curve. Report-URI, while excellent at DMARC, has a less polished user experience and offers fewer integrated email security features beyond DMARC, SPF, and DKIM.
We have pulled the average ratings from G2 for each product, and also included the most recent negative reviews for each product in full. Positive reviews tend to have less detail and have a higher chance of being fraudulent, so negative reviews are a better signal for your decision.
4.5 / 5(561)
5 / 5(1)
Horrible Support and Billing - They run with your money and don't care to get billing correct
0.0 / 5
What do you like best about Cloudflare Application Security and Performance?
Ease of deployment, dashboard and configurations for the WAF, Cache, and other features are top tier with ease, settings, and logging. Just don't have an issue with them or you're on your own. Also, don't keep a credit card on file or they'll bill you for their mistakes.
What do you dislike about Cloudflare Application Security and Performance?
Customer support and billing. Their support does not read what you have to say but rather comes in with their own interpretation of what has happened and forces their views on your issue rather than trying to understand exactly what is happening. On two occassions in the last few months I have had this happen when I encountered an issue with the core product and their billing.
The billing should be detailed further as it is sketchy business practices. Back in April they changed their billing software and charged me incorrectly for a month as it included the previous month as well (which I already paid). I brought this to their attention and the billing support assured me that it was not a problem. Come last week, they limited my account as I "had unpaid biling" so I contacted them again and brought attention to this wrong invoice that they never corrected. Come yesterday, they just charged my credit card on file without my authorization or explanination of what is going on. I've replied to the open ticket and created a new ticket and no one is answering.
I don't want to be a drama case but this is ridiculous to have been charged something from months ago and not be given an explanation.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
Improve the security and performance of our websites/applications. Their configurable/customizable WAF, CDN/Caching, bot mitigation, and DDoS protection accomplish this for our websites/applications.
Jim M.
Owner Small-Business (50 or fewer emp.)
Monitoring for PROs
5.0 / 5
What do you like the most about New Relic is how easy it is instal the trackers on the different well know servers and systems like Apache, AWS, S3 Object etc. The visualisation is the live data are great.
Sometimes it is difficult to delete a tracker if it still detects trafic. You can't delete them if the tracker continues to receive records - something that happens regularly when we have used CDN networks
Use the correct version of the tracker for your specific system
It solved the live monitoring problem and extra expenses for monitoring softwares that monitor the health and the responsiveness of our services and platforms. It is also connected with Atlassian Statuspage which give a better performance view for our clients.
Vasilis Filippos S.
Web Developer Small-Business (50 or fewer emp.)
Support very unresponsive. Not understanding P1 urgency. Delayed project 3 whole days.
0.0 / 5
What do you like best about Cloudflare Application Security and Performance?
The website is intuitive, implementation steps are straightforward. It has numerous features, and they are indeed needed by a web app.
What do you dislike about Cloudflare Application Security and Performance?
If your implementation goes well, it's fine. However, if you are in trouble, the support doc is useless. You pay for the pro plan to try to get some technician support. No one cares about your business or service, even if you identify it as a P1 urgency. My project was down and could not get anyone to help me when I identified it as a high-impact ticket.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
The ticket support system is horrible. No technicians provide you with timely manner answers and support. Not worth the price.
Andrew Z.
Small-Business (50 or fewer emp.)
WAF is good, but so many half baked side features
2.5 / 5
What do you like best about Cloudflare Application Security and Performance?
The WAF is pretty industry standard. Its not too slow, gets regular updates, easy to deploy and cheap
What do you dislike about Cloudflare Application Security and Performance?
The side features are just trash. Its clear they have been shipped and dropped.
Cloudflare Bot Detection should not exist. Its not even funny how easy it is to bypass.
Page Shield is a joke, their API security is a joke.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
OWASP top 10
Verified User in Computer Software
Small-Business (50 or fewer emp.)
Love the product- support could use some work
2.5 / 5
What do you like best about Cloudflare Application Security and Performance?
Super easy to use. Very developer friendly. Tons of value for price. Undoubtedly #1 in WAF.
What do you dislike about Cloudflare Application Security and Performance?
Could use some better support. No direct channels for tech questions.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
It's providing great security for our web app.
Verified User in Computer Software
Mid-Market (51-1000 emp.)
Don't Pay for Support
2.5 / 5
What do you like best about Cloudflare Application Security and Performance?
In general, cloudflare is really easy to navigate, especially for simple DNS and domain management. Unless you have a complicated setup, I find it easy enough to move a domain or simply manage DNS for most sites.
What do you dislike about Cloudflare Application Security and Performance?
Their support is terrible. Had an issue with a client's DNS and the person I was talking to clearly didn't have a clue what they were talking about. They took so long between answers, it seemed like they were just asking someone else. Ultimately, they were of no help and we were out the money we paid to have live support.
What problems is Cloudflare Application Security and Performance solving and how is that benefiting you?
Makes DNS and Security easy for most websites and domains.
Verified User in Marketing and Advertising
Small-Business (50 or fewer emp.)
Cloudflare's DMARC Management is currently in free beta, while Report-URI offers a free tier but typically requires contacting for enterprise pricing.
Small
Up to 10k emails / month
Free Beta waitlist, Free plans available
Free tier available
Medium
Up to 100k emails / month
Contact for pricing
Contact for pricing
Large
Up to 1 million emails / month
Contact for pricing
Contact for pricing
Enterprise
Over 1 million emails / month
Contact Sales for custom plans
Contact for pricing
Suped hard sell incoming!
Still not satisfied with Cloudflare or Report-URI?
4.5 / 5(561)
