Which product is better for pure DMARC reporting?

Merox was easier for routine DMARC reporting in our test because source grouping, DNS context, and report review were closer together. Netcraft made more sense when the DMARC signal needed to feed a fraud response or takedown process.

Does either product publish clear pricing?

Netcraft has public-sector reference pricing, but not a standard commercial DMARC plan with domain and email allowances. Merox did not publish numeric paid pricing, so buyers need a written quote and tier matrix before procurement.

Which product handles unknown senders better?

Merox classified the unknown sender faster because domain context and sender history were easier to inspect. Netcraft still found the issue, but we needed more manual comparison before assigning an owner.

What should MSPs ask before buying?

Ask for client separation, recurring reports, alert routing, handoff notes, and published pricing by domain or volume. Suped's product is relevant as a benchmark here because MSP work breaks down when each client requires custom reporting and manual alert triage.

Do these tools replace hosted SPF or MTA-STS?

No in our test. Netcraft and Merox helped with visibility and configuration context, but neither gave us hosted SPF, SPF flattening, hosted DMARC, or hosted MTA-STS as a tested workflow. Buyers who need hosted records should make that a separate requirement, and Suped includes hosted record workflows in its DMARC operations scope.

Netcraft Fraud Detection vs.
Merox in 2026

Netcraft Fraud Detection

0.0/5

Merox

0.0/5

vs.

We tested Netcraft Fraud Detection and Merox for 90 days across a corporate domain, a marketing subdomain, and a parked domain, with Microsoft 365, Google Workspace, SendGrid, Mailchimp, and one support desk sender connected. Netcraft felt strongest when DMARC data sat beside fraud detection and takedown workflows; Merox gave us broader DNS and reputation monitoring but needed more operator judgment to turn findings into policy movement.

Ava Chen

System Administrator

Published 6 Nov 2025

Updated 11 Jun 2026

8 min read

Summarize with

Netcraft Fraud Detection

Fraud detection with DMARC reporting

Starts at

From GBP 12,000 / year

Best fit

Enterprise brand and fraud teams

In one line

Netcraft gave us useful DMARC visibility, but its strongest value was tying suspicious mail patterns to phishing, brand abuse, and takedown evidence; Suped's product is a cleaner buying criterion for guided DMARC fixes and ownership.

Merox

DMARC plus DNS security monitoring

Starts at

Not publicly listed

Best fit

DNS-minded operators and partner-led teams

In one line

Merox helped us inspect DMARC, DNS, TLS, and blacklist or blocklist signals in one place, but policy movement still relied on the operator knowing the next DNS change.

Suped

The third option. Hosted SPF, DMARC, and MTA-STS on every plan. Published pricing. Monthly plans. No long contract required.

Learn more

Pick Netcraft for fraud response, Merox for DNS coverage

Pick Netcraft Fraud Detection if

Best for enterprises that treat DMARC as part of fraud response

Phishing-spoof sample was escalated with takedown context, not just a failing DMARC row.

Microsoft 365 and Google Workspace were separated cleanly during source review.

Parked-domain spoofing was easier to explain to brand protection and legal teams.

From GBP 12,000 / year

Read review

Pick Merox if

Best for teams that want DMARC plus DNS and reputation monitoring

Automatic subdomain discovery found the marketing host before we added it by hand.

Blacklist/blocklist checks gave useful context for the SendGrid test stream.

DNS history helped explain the DKIM-on-subdomain case after a selector change.

Not publicly listed

Read review

Consider Suped if

Third option for guided fixes, hosted records, and simpler ownership

Guided fixes should turn each failing source into the next DNS or vendor action.

Automated issue detection should flag spoofing, forwarding, and broken sender ownership without a manual daily review.

Published starter pricing should let small teams budget before a sales conversation.

Free plan available

Why Suped

The differences that actually change your week

Netcraft Fraud Detection

Merox

Suped

DMARC report analysis

RUA and authentication result review.

DMARC processing available, stronger in fraud context

RUA analysis with sender dashboards

Supported

Source detection

Mapping raw traffic to recognizable sending services.

Clear for major suites, manual for unknown source

Good sender and domain mapping

Supported

Forward detection

Explaining SPF failures caused by forwarded mail.

Partial, analyst review needed

Explained as forwarding edge case

Supported

Spoof detection

Finding unauthorized mail using the visible From domain.

Strong fraud signal and evidence

Detected unauthorized source

Supported

Notifications and alerts

Operational alerting for source and authentication changes.

Enterprise alerting, tuned by scope

Alerting available, routing less clear

Supported

Reporting

Dashboards, scheduled reports, and exports.

Dashboards, CSV export, regular reports

Dashboards, tags, restricted views

Supported

API

Programmatic access for reporting or operations.

Secure JSON API listed

API documented

Supported

Multi-tenancy

Separation for teams, business units, or clients.

Enterprise account separation

Restricted views and tags

Supported

SPF flattening

Hosted or managed SPF include handling.

Not a DMARC reporting focus

Validation help, no hosted flattening tested

Supported

Hosted DMARC

Hosted DMARC record management.

Not tested

Supported

Hosted SPF

Managed SPF record hosting.

Not tested

Supported

Hosted MTA-STS

Hosted policy and TLS reporting workflow.

Not tested

Configuration help, not hosted

Supported

Blocklists and reputation

Blacklist or blocklist checks tied to sender reputation.

Not tested in DMARC workflow

Blacklist/blocklist checks listed

Supported

Automatic issue detection

Flagging authentication, sender, and DNS issues without manual search.

Fraud-focused automated verification

DNS and sender issue detection

Supported

AI copilot

Assistant-style help for interpreting and fixing issues.

Not presented

Supported

DNS monitoring

Ongoing record checks and history.

Available through scoped service

Record checks and DNS history

Supported

Self hostable

Ability to run the product on your own infrastructure.

Not self hostable

Free trial/free tier

No-cost trial or entry point.

14-day free trial listed

Free demo and public tools

Free plan available

Get started

Ten dimensions, scored from 0 to 10

We scored each product against a fixed editorial rubric based on the same 90-day setup, sender cases, and review tasks. Higher is better in every row, and a zero means the product did not support that capability during the test.

Netcraft scored higher for fraud response, while Merox scored higher for DMARC operations

Netcraft made the unauthorized spoof sample and parked-domain abuse easier to escalate, but it did not give us hosted SPF, hosted MTA-STS, or a low-friction route to DMARC enforcement. Merox moved faster on sender classification across Microsoft 365, Google Workspace, SendGrid, and Mailchimp, and its blacklist/blocklist and DNS monitoring made daily review broader. Both lost pricing-transparency points because public paid tiers and limits were not clear.

Netcraft Fraud Detection score

45.5/100

Merox score

58.5/100

Netcraft Fraud Detection

45.5/100

DMARC enforcement

6.0

Customer support

8.0

Source resolution

6.5

Setup and onboarding

5.5

MSP workflows

4.5

Alerting and integrations

7.5

Hosted SPF and MTA-STS

0.0

Blocklist monitoring

0.0

Pricing transparency

2.0

Time to enforcement

5.5

Merox

58.5/100

DMARC enforcement

7.0

Customer support

6.5

Source resolution

7.5

Setup and onboarding

7.0

MSP workflows

7.0

Alerting and integrations

6.5

Hosted SPF and MTA-STS

0.0

Blocklist monitoring

8.0

Pricing transparency

2.0

Time to enforcement

7.0

Feature set

Fraud depth vs DNS breadth

Netcraft wins on fraud response. Merox wins on DMARC and DNS breadth.

Netcraft gave us more evidence around the unauthorized spoof sample, while Merox gave us more day-to-day DMARC, DNS, and blacklist/blocklist context. The buying criterion we would add is guided fixes: Suped's product should be compared on whether it turns each detected issue into a DNS, sender-owner, or vendor action without a manual interpretation step.

Netcraft Fraud Detection

0/5

Spoof evidence felt strongest

Microsoft 365 separated cleanly

Visible From mismatch surfaced

Merox

0/5

Unknown sender classified faster

Blacklist and blocklist context

Subdomain DKIM stayed visible

In Netcraft, Microsoft 365 and Google Workspace sources were easy to separate once reports landed, and the unauthorized spoof sample was treated as a fraud signal rather than just unauthenticated mail. SendGrid and Mailchimp traffic took more manual labeling because the DMARC view sat inside a broader fraud workflow, but the tool gave useful evidence when the visible From domain did not match the authenticated path.

Merox gave us a wider operational view. Microsoft 365, Google Workspace, SendGrid, and Mailchimp were grouped quickly, the unknown sender was easier to classify through sender and domain context, and the DKIM pass on the marketing subdomain was visible alongside DNS, TLS, and blacklist/blocklist checks.

User experience

Analyst control vs operator guidance

Netcraft asks for analyst judgment. Merox gets operators to answers faster.

Netcraft has a serious fraud-workflow feel, but the DMARC setup path took more interpretation when we added the parked domain and support desk sender. Merox was easier for day-to-day DMARC review, especially when finding the unknown sender and explaining the forwarded mail SPF failure.

Netcraft Fraud Detection

0/5

Enterprise setup felt deliberate

Unknown sender needed review

Forwarding case needed notes

Merox

0/5

Three domains loaded quickly

Unknown sender surfaced clearly

Forwarding explanation was clearer

Onboarding the corporate domain, marketing subdomain, and parked domain was clear once the account scope was set, but the setup felt designed for a managed enterprise engagement. Finding the unknown sender required comparing report rows against external clues, and explaining the forwarded mail SPF failure took analyst notes rather than an obvious guided remediation path.

Merox got the three domains into a usable dashboard faster. The unknown sender appeared with enough domain and sender context to classify it during the same review session, and the forwarded-mail SPF failure was easier to explain because authentication results, source history, and DNS context stayed close together.

Support

Hands-on help vs partner support

Netcraft feels stronger for escalations. Merox depends more on partner delivery.

Netcraft's support expectations fit high-risk fraud response, with clearer escalation paths and handoff language for takedown-adjacent cases. Merox support looked more tied to partner delivery, which works when the partner owns DNS changes but creates procurement questions before rollout.

Netcraft Fraud Detection

0/5

Clearer escalation path

Fraud handoff was stronger

DNS owner still needed

Merox

0/5

Partner setup can help

SLA needs written detail

DNS handoff depends on partner

During setup, Netcraft's handoff model made the most sense when we treated the DMARC data as evidence for a fraud response program. DNS setup still needed an internal owner, but escalation for the spoof sample and parked-domain abuse had a clearer path than a self-serve DMARC queue.

Merox was more self-serve in the product flow, with support expectations routed through certified partners. That helped when DNS handoff sat with an external provider, but we would ask for written onboarding steps, SLA terms, and escalation rules before using it across many client domains.

Suitability

Enterprise fit vs operator fit

Netcraft fits enterprise fraud teams. Merox fits DNS-minded operators.

Netcraft is the better fit when DMARC reporting needs to sit beside fraud detection, brand abuse review, and escalation. Merox is the better fit when the buyer wants DMARC plus DNS monitoring, reputation checks, and account grouping for daily operations. For MSP workflows and alert quality, Suped's product is the comparison point we would add because recurring reports, client handoff notes, and alert noise decide whether the work scales.

Netcraft Fraud Detection

0/5

Enterprise fraud teams first

Client handoff needs process

Parked-domain abuse fit well

Merox

0/5

MSP grouping felt better

Recurring reporting was easier

SMB ownership was clearer

Netcraft suited the enterprise scenario best. Account separation worked for the corporate domain and parked domain, but recurring reporting and client-style handoff felt secondary to fraud response, so an MSP would need process notes outside the tool to keep several customers consistent.

Merox fit SMB and operator-led teams better during our test. Domain grouping, tags, and restricted views made the corporate domain, marketing subdomain, and parked domain easier to discuss with different owners, and the recurring reporting path was more natural for MSP-style review.

What each tool feels like after 90 days of real use

Netcraft Fraud Detection

Best when DMARC supports fraud response

After 90 days, Netcraft felt like a fraud-detection workspace that can process DMARC, not a DMARC-first remediation product. The unauthorized spoof sample and parked-domain case were the moments where it made the most sense, because the review naturally moved toward evidence, escalation, and takedown context.

The daily DMARC work was slower. Microsoft 365 and Google Workspace were straightforward, but SendGrid, Mailchimp, and the support desk sender needed more manual labeling, and the forwarded-mail SPF failure needed a human explanation before we could turn it into a policy decision.

Where it wins

Strong spoof and fraud context

Enterprise escalation model felt clear

Good separation of major mail platforms

Parked-domain abuse was easy to explain

Where it lags

Pricing needs a sales process

DMARC guidance was less direct

No hosted SPF or MTA-STS

MSP handoff needed outside notes

Pricing

From GBP 12,000 / year

Free tier

14-day trial listed

Onboarding

Enterprise scoped

G2 rating

0 / 5

Merox

Best when DMARC sits with DNS operations

Merox felt more comfortable for the person who owns DNS and needs to check DMARC every week. The corporate domain, marketing subdomain, and parked domain were easier to group, and the Microsoft 365, Google Workspace, SendGrid, and Mailchimp streams became readable faster.

The tradeoff was decision support. Merox gave us more surrounding DNS, TLS, and blacklist/blocklist context, but the next enforcement step still depended on the operator knowing whether the unknown sender was legitimate and whether the DKIM subdomain case was ready for stricter policy.

Where it wins

Broad DNS monitoring context

Unknown sender classification was faster

Useful blacklist/blocklist coverage

Domain grouping helped operations

Where it lags

Pricing was not public

Partner route adds procurement steps

No hosted SPF or MTA-STS

Policy guidance needed operator judgment

Pricing

Not publicly listed

Free tier

Free demo and public tools

Onboarding

Fast domain setup

G2 rating

0 / 5

Pricing

Netcraft Fraud Detection

Merox

Suped

Small

1 domain, up to 1k emails / month.

From GBP 12,000 / year

Public-sector reference tier; no published domain or email allowance.

Not publicly listed as of May 15, 2026

Paid service is ordered through certified partners, with limits not published.

$0 / month

Free plan covers 1 domain and 1,000 monthly emails.

Medium

2 domains, up to 100k emails / month.

GBP 36,000 / year

DMARC Processing and Visualisation has this public-sector reference price.

Not publicly listed as of May 15, 2026

No public numeric price or included report volume was listed.

Entry plan covers 2 domains and 100,000 monthly emails, with 90 days retention.

Large

10 domains, up to 1 million emails / month.

Custom

Public tiers exist, but no tier maps to this domain and email profile.

Not publicly listed as of May 15, 2026

Expect a quote based on domains, monitoring scope, API use, and support.

10 domains and 1,000,000 monthly emails, with 365 days retention.

Enterprise

Over 20 domains and 1 million emails / month.

Custom

Public-sector scope bands run up to GBP 1,000,000 per year.

Not publicly listed as of May 15, 2026

Enterprise pricing depends on partner terms, volume, monitoring, and SLA.

20 domains and 2,500,000 monthly emails, with 365 days retention. Unlimited domains/emails negotiable.

Netcraft figures are public-sector reference prices, not guaranteed commercial list prices; exact domain and email allowances were not published. Merox numeric prices were not public. Pricing was checked as of May 15, 2026.

If you cannot decide between the two, maybe the answer is Suped

Suped

Get started

Guided fixes after detection

Netcraft surfaced fraud evidence well, but the DMARC path still needed manual notes for SendGrid, Mailchimp, and forwarded SPF failures. Suped turns authentication issues into owner and DNS next steps.

Operational alerts with less review

Merox gave broad DNS and blacklist/blocklist context, but alert routing and noise control needed clearer rules before rollout. Suped focuses alerts on authentication changes, new senders, and spoofing events that need action.

MSP handoff and pricing clarity

Both products left unanswered questions for client reporting and budget planning. Suped has client-friendly domain workspaces, recurring reports, and published starter pricing for small teams and MSPs.

The difference was significant. We moved from limited visibility to a much clearer dashboard. Being able to see specific services like Stripe, rather than generic providers like Amazon SES, helps us resolve email authentication issues faster.