Valimail presents itself as a fully automated solution for DMARC enforcement. It boasts sophisticated machine learning to identify and classify email sending sources, aiming to accelerate the path to DMARC enforcement (p=reject or p=quarantine) within a short timeframe. Their platform takes ownership of SPF and DKIM records, offering 'SPF flattening' to overcome the 10-DNS-lookup limit and managing DKIM keys.
Beyond core DMARC, Valimail offers a suite of advanced features like BIMI support, MTA-STS/TLS-RPT configuration (though some users report this as an add-on or not fully integrated), and extensive reporting with granular insights into email traffic, including legitimate versus fraudulent sources. The 'Enforce' product tiers add capabilities such as subdomain management, custom metadata, and privacy-safe RUF+ reports.
Open-DMARC-Analyzer, true to its name, is primarily an open-source DMARC report analyzer. Its core functionality revolves around processing aggregate DMARC reports (RUA) in XML format and presenting them in a more digestible interface. It provides basic insights into DMARC, SPF, and DKIM authentication results, allowing users to see sending sources, their compliance status, and the volume of emails.
As a self-hosted solution, it requires manual setup and configuration on a web server running PHP and MariaDB. This means that advanced features like automated SPF flattening, hosted DMARC, or direct management of DNS records are not inherently part of the software. Users are responsible for integrating any additional tools or processes needed for a complete DMARC solution beyond basic reporting and visualization.
How easy is each product to use
User experience
Valimail offers a highly intuitive and polished user interface. From our experience, the dashboard provides a clear, high-level overview of DMARC compliance and email traffic, making it accessible even for those with less technical expertise. The guided workflows for DMARC policy progression are particularly helpful, simplifying what can often be a complex process.
However, we've noted that some advanced features, especially in the higher-tier plans, might require a steeper learning curve to fully leverage. While the setup for DMARC enforcement is largely automated, initial DNS configuration still needs careful attention. Overall, it's designed for ease of use, aiming to reduce the manual burden of DMARC management.
Open-DMARC-Analyzer, being an open-source tool, presents a user experience that's more geared towards technically proficient users. The interface is functional for displaying DMARC reports, but it lacks the visual polish and guided workflows found in commercial alternatives. The initial setup is entirely manual, involving server configuration, database setup, and software deployment.
Once deployed, navigating the reports is straightforward, allowing us to filter and view aggregate data. However, for those accustomed to highly automated and intuitive SaaS platforms, the hands-on approach of Open-DMARC-Analyzer might feel less streamlined. Its simplicity can be a strength for specific use cases, but it means a less 'out-of-the-box' user experience.
Which product has the best support
Support
Valimail offers comprehensive support, especially for its paid tiers. We've experienced proactive onboarding assistance and a responsive support team that is generally friendly and knowledgeable. Customers frequently praise their customer service for helping with initial setup and addressing issues promptly, indicating a strong commitment to client success.
While a knowledge base is available for all users, dedicated account managers and technical account managers are perks for higher-tier clients, offering more personalized guidance. Some users, particularly in specific geographical regions like Australia, have mentioned that support response times can be affected by time zone differences, but overall, the quality of support is a significant advantage for Valimail.
Support for Open-DMARC-Analyzer is primarily community-driven, as is typical for open-source projects. This means there isn't a dedicated support team or official customer service channels in the traditional sense. Users rely on documentation, forums, or community discussions for troubleshooting and assistance.
While the open-source community can be very helpful, it lacks the guaranteed response times and personalized attention of commercial support. For organizations that require enterprise-level support or rapid problem resolution, this model might not be sufficient. We found that self-reliance and technical expertise are key when using Open-DMARC-Analyzer, as external support is not readily available.
Who should use each product
Suitability
Valimail is an excellent choice for enterprises and mid-market companies that prioritize automated, hands-off DMARC enforcement and advanced email security. Its comprehensive feature set, robust reporting, and dedicated support make it suitable for organizations with complex email ecosystems and a need for strong brand protection against phishing and spoofing.
For MSPs (Managed Service Providers), Valimail can be a strong offering to clients looking for a fully managed DMARC solution, especially given its capabilities for handling multiple domains and its SPF flattening feature. SMBs might find the 'Monitor' free tier useful for basic visibility, but the cost of premium features could be a barrier for full enforcement, unless their security posture is particularly critical.
Open-DMARC-Analyzer is best suited for individuals or organizations with strong technical capabilities and a desire for a self-hosted, open-source solution. It's ideal for those who prefer to maintain full control over their data and infrastructure, and who have the internal resources to deploy, configure, and manage the software themselves.
This tool is particularly attractive to developers, small tech-savvy businesses, or educational institutions that need DMARC reporting without incurring subscription costs. However, it's generally not suitable for MSPs or larger enterprises that require a managed service, dedicated support, or advanced features beyond basic report aggregation, as it would necessitate significant internal development and maintenance effort.
How does Valimail compare with Open-DMARC-Analyzer?
DMARC report analysis
Analyzes aggregate (RUA) and forensic (RUF) DMARC reports for insights.
Comprehensive analysis of RUA and RUF+ reports, with privacy enhancements.
Basic analysis of RUA reports, providing sender and compliance data.
Source detection
Identifies and categorizes all email sending sources for a domain.
Automated, AI-driven identification of known and unknown senders.
Identifies senders based on DMARC report data.
Forward detection
Identifies when legitimate emails are being forwarded.
Yes, helps differentiate legitimate forwards from spoofing attempts.
Not a primary feature, requires manual interpretation of reports.
Spoof detection
Detects attempts to impersonate your domain.
Advanced, AI-driven detection and blocking of impersonation.
Highlights non-compliant senders indicative of spoofing.
Notifications and alerts
Provides real-time alerts for DMARC failures or policy changes.
Configurable smart alerts for various DMARC events.
No built-in alert system, requires manual monitoring.
Reporting
Generates detailed reports on DMARC compliance and email traffic.
Extensive, downloadable, and executive reports across tiers.
Basic tabular and graphical reports from analyzed data.
API
Offers an API for integration with other systems.
Available as an add-on or included in Enterprise plans.
No official API, direct database access for custom integrations.
Multi-tenancy
Supports managing multiple domains or clients from a single interface.
Yes, with portfolio management for complex organizations.
Designed for single-instance, multi-domain possible with custom effort.
SPF flattening
Optimizes SPF records to avoid the 10-DNS-lookup limit.
Automated SPF flattening is a core feature for managed domains.
Not a feature, requires manual SPF management by user.
Hosted DMARC
Manages DMARC records on your behalf.
Yes, full management of DMARC, SPF, and DKIM records.
No, user must manually manage DNS records.
BIMI
Supports Brand Indicators for Message Identification (BIMI).
Available across all plans, 'Amplify' add-on for fast-tracking.
Not a feature, requires separate manual setup.
MTA-STS/TLS-RPT
Assists with Mail Transfer Agent Strict Transport Security and TLS Reporting.
Some support, but users note it's not always fully integrated.
Not a feature, requires separate manual setup.
Blocklists and reputation
Monitors sender reputation and checks against email blocklists (or blacklists).
Integrates reputation data into sender intelligence.
Not a feature, requires external blocklist (blacklist) checks.
AI copilot
Leverages artificial intelligence for guided DMARC management.
Uses machine learning for detection, classification, and enforcement.
No AI integration, manual analysis only.
DNS monitoring
Actively monitors changes to DNS records relevant to email authentication.
Yes, crucial for its automated management approach.
No, user is responsible for monitoring their DNS.
Self hostable
Can be installed and run on your own servers.
Cloud-based SaaS solution, not self-hostable.
Yes, designed as a self-hosted PHP and MariaDB application.
Free trial/free tier
Offers a free trial period or a permanently free tier.
Offers a generous 'Monitor' free tier with basic functionality.
Completely free open-source software, but hosting costs apply.
Drawbacks and what to watch out for
Valimail's primary drawbacks center around its cost and potential for vendor lock-in. While it simplifies DMARC management, some users find the pricing opaque or too high, especially for smaller businesses or for managing parked domains. The automated nature, while a benefit, also means less direct control over DNS records, which could make switching providers cumbersome. For Open-DMARC-Analyzer, the main hurdles are the lack of dedicated support and the need for significant technical expertise for setup and ongoing maintenance. Its open-source nature means you're responsible for all infrastructure and potential custom development.
We have pulled the average ratings from G2 for each product, and also included the most recent negative reviews for each product in full. Positive reviews tend to have less detail and have a higher chance of being fraudulent, so negative reviews are a better signal for your decision.
4.6 / 5(421)
0 / 5(0)
Easy DMARC Monitoring But Not Great
3.5 / 5
What do you like best about Valimail?
Valimail is pretty simple to setup and use. We were wanting to monitor some changes to DMARC, and Valimail was the platform we ultimately decided to use.
What do you dislike about Valimail?
A few things I don't like:
1. The free vs premium features are frustrating. I can't see enough value from free to validate a move to premium.
2. The Sender Requirement Failure feature is in beta and never really works. I can't only get it to work if I expand it before a week, and even then it's hit-or-miss.
3. It doesn't really do enough. Other platforms I've tried did a better job at helping to explain the WHY and HOW rather than just the what. Valimail primarily focuses on the WHAT.
4. Some of the feature organization is weird within the app, even after having used it for a few months. I can get more value in the account overview than the sender requirements failure, which is counter-intuitive IMO.
What problems is Valimail solving and how is that benefiting you?
We had a baselevel view of email security when I was initially hired and wanted to monitor the DMARC changes effectively.
Verified User in Construction
Small-Business (50 or fewer emp.)
No G2 reviews
G2 is the most popular review platform for DMARC products, so this is a strong signal that this product is not popular.
I like Valimail - mostly.
3.5 / 5
What do you like best about Valimail?
Good interface for viewing DMARC reporting information.
What do you dislike about Valimail?
Price, it'd be nice if they could institute a model based on volume rather than the number of email domains.
What problems is Valimail solving and how is that benefiting you?
Valimail provides DMARC provides good aggregate reporting for our email domains, allowing us to implement to the eventual reject policy goal.
Verified User in Real Estate
Mid-Market (51-1000 emp.)
Straightforward onboarding
4.0 / 5
What do you like best about Valimail?
Ease of set-up and great customer support.
What do you dislike about Valimail?
Some features aren't as developed as some competitors, however ultimately it's up to each organization to decide the value of those features.
What problems is Valimail solving and how is that benefiting you?
Being able to report on DMARC successes and failures, to help us fine-tune the configuration to ensure each domain is correctly configured.
Verified User in Oil & Energy
Enterprise (> 1000 emp.)
Valimail Simplifies DMARC Management, But Watch for Vendor Lock-In
4.0 / 5
What do you like best about Valimail?
My favorite thing about Valimail is having a single portal that puts all DMARC reports into an easy to understand view. Having this information allowed us to identify hundreds of 3rd party email sources sending on behalf of our domain. Doing this without such a portal would be incredibly difficult especially in a franchise setting like ours where we have more services sending on behalf of our domain than most other companies.
What do you dislike about Valimail?
Valimail isn't cheap but you definitely get what you pay for. I also grow concerned about vendor lock-in now that I have setup Valimail to handle DMARC, SPF and DKIM with no exist strategy.
What problems is Valimail solving and how is that benefiting you?
Valimail solves the problem of visibility into who is sending on our behalf and makes identifying them easy.
Verified User in Non-Profit Organization Management
Mid-Market (51-1000 emp.)
A Must-Have for Email Security
4.0 / 5
What do you like best about Valimail?
The best thing about Valimail is its fully automation feature as we can get the reports automated with whole monthly data .
As I prepare reports every month in which I have to include the malicious email data so I do not need to manually check each single thing , the Valimail does it for itself.
What do you dislike about Valimail?
The thing which I dislike about Valimai is that its little expensive especially for the businesses which are small nd not much expanded .
What problems is Valimail solving and how is that benefiting you?
The problem which Valimail is solving for me is the manual effort for exporting the data related to spam emails and its security checks are the best .It filters out the emails properly and which are suspicious , they get rejected easily .
Verified User in Transportation/Trucking/Railroad
Enterprise (> 1000 emp.)
Pricing
Valimail operates on a tiered subscription model, with a free monitoring plan and increasing costs for advanced enforcement and alignment features, while Open-DMARC-Analyzer is free open-source software, requiring users to cover their own hosting and infrastructure expenses.
Small
Up to 10k emails / month
Monitor (free), Enforce Starter ($5,000/year, contact for pricing)
Free, plus self-hosting costs
Medium
Up to 100k emails / month
Monitor (free), Enforce Premium (contact for pricing)
Free, plus self-hosting costs
Large
Up to 1 million emails / month
Monitor (free), Align Bronze ($19/month billed annually for 500k emails), Enforce Enterprise (contact for pricing)
Free, plus self-hosting costs
Enterprise
Over 1 million emails / month
Enforce Enterprise (contact for pricing), Align Bronze/Premium (contact for pricing for higher volume)
Free, plus self-hosting costs
Suped hard sell incoming!
Still not satisfied with Valimail or Open-DMARC-Analyzer?
4.6 / 5(421)
