I'm not sure why this announcement has generated so much irritation in the comments-- Cloudflare has been transitioning from "DDoS protection" to "AWS competitor" for many years now, and this is just their alternative to AWS SES.
It's an email sender that you can access through an API, or directly through Workers. For those who haven't been keeping up over the years, Workers is their product for running code on Cloudflare's platform directly (an AWS Lambda competitor, more or less) and they've been trying to make it the centerpiece of an ecosystem where you deploy your code to their platform and get access to a variety of tools: databases, storage, streaming, AI, and now email sending. All of this is stuff that AWS has had for years, but some people like Cloudflare more (I certainly do).
One thing that surprised me is the price-- Cloudflare's cloud offerings are usually much cheaper, and I've saved plenty of money by migrating from AWS S3 to Cloudflare's R2. This new offering is 3x the AWS price, though. Weird. Anyway, most small companies don't send enough email for it to matter.
But getting back to the consensus in the comments here: I'm not sure why people think that they'll be worse about policing spam than AWS SES, Azure Email, etc.
> But getting back to the consensus in the comments here: I'm not sure why people think that they'll be worse about policing spam than AWS SES, Azure Email, etc.
Cloudflare is (in)famous for not acting against spammers, fraud, piracy and other less savory groups that are hosting their stuff at/behind Cloudflare, so reasonably, people who've been affected by that are now afraid the same thing will happen with email.
When it comes to email delivery, you can't ignore spam. It's the bane of existence of every email sending service and the number one business challenge in that segment. After all, orchestrating delivery over SMTP is not rocket science. But getting that email to not be rejected totally IS rocket science and it's simultaneously an art form known only to a handful of email nerds working at the core of the big email sending services...
Ok, but what about as a CDN/website-proxy/WAF? I know we don't have the same automated reputation-propagation as with email, but same thing supposedly happens there, where eventually you get turned off if you don't act on lawful requests, which is exactly why Cloudflare is unavailable in Spain during La Liga matches, because Cloudflare don't take piracy streams down.
In theory, Cloudflare should take those down, when requested by legal means, but that doesn't matter. How sure are we that they'll act differently for email, instead of trying to get rid of the reputation system instead?
> getting that email to not be rejected totally IS rocket science and it's simultaneously an art form known only to a handful of email nerds working at the core of the big email sending services
It really isn't, you need a clean IP and a clean domain, send handful of emails and you're pretty much whitelisted on most services out there. Maybe you'd say I'm one of the handful, but I personally know more than a handful others who also run their own email services, just like me, and besides the usual hassle of running your own service, as long as you don't spam, your emails will arrive as usual.
I run an email sending service at scale (billions of messages per month, tens of millions of end users, thousands of customers). Most of our software development and operational effort revolves around abuse mitigation. That has been the case for 15 years. It's a cat-and-mouse game with two different mice: the senders, who are constantly trying to figure out how to get you to deliver their garbage; and the receivers, who are constantly trying to figure out how to block it. We're stuck in the middle.
It's hard to appreciate how difficult this battle is when running at scale.
We have reserved IPs for Email Service and will be protecting the reputation and fighting spam from originating on Email Service.
If we did not do so, our IPs would get flagged and then emails end up in spam or not delivered. That defeats the purpose of having a transactional Email Service. We're well aware of this.
I'm not sure if it's a correct impression but my impression is still that AWS is the "devil you know" and Cloudflare is less predictable with more individual decision making from high ups.
I guess they got that reputation years ago when the founders (?) got into public spats about what they would and wouldn't host. AWS is more lawyers and committees and seems more anonymous, so people don't necessarily like it more but they do trust it to be what it looks like more.
I've used their email relay services to forward it to my Microsoft account, every forward is rejected by Microsoft due to spam generated by Cloudflare. So I don't have much faith at least in their email services.
Cloudflare's cloud offerings are usually much cheaper, and I've saved plenty of money by migrating from AWS S3 to Cloudflare's R2. This new offering is 3x the AWS price, though. Weird. Anyway, most small companies don't send enough email for it to matter.
For certain types of marketing and transactional emails, it's cheaper I think. AWS SES pricing doesn't include attachments. If you assume a maxed out 25MB email attachment body, I think the price comes out to be mostly similar, amortized at least.
But if you are sending basic text/mostly text transactional emails for stuff like password resets, then SES comes out ahead for sure.
One thing that surprised me is the price-- Cloudflare's cloud offerings are usually much cheaper ... This new offering is 3x the AWS price, though. Weird.
c. 2022 Cloudflare had a free email sending service (via MailChannels) [0] until it was sunset in Aug 2024 [1].
Almost every SaaS (Spam as a Service) API ends up arguing its minority of legitimate users are a justified excuse for the majority of nuisance traffic.
Most cloud IP blocks already have very poor reputations, and or already on Spamhaus blacklists.
> One thing that surprised me is the [high] price [vs SES for example]
Not sure if you read the announcement closely:
> Sending email that actually reaches inboxes usually means wrestling with SPF, DKIM, and DMARC records. When you add your domain to Email Service, we configure all of it automatically. Your emails are authenticated and delivered, not flagged as spam.
they are a gatekeeper, and along with DDOS protection, they are also setting defacto internet policies, like what browser you should use to access websites.
Cloudflare is spending years of goodwill earned through technical skill, trending towards AI enshittification starting with their blog posts and vibe coded features/products.
The pricing is disappointing. I'm surprised Cloudflare has not tried to compete on price against AWS lately after a good start with R2. Queues, database storage, database writes, worker invocation all more expensive than the AWS offering.
It's funny. All the examples they show in the blogpost are just things that were already pretty easy without agents. Sending an email when the CI pipeline passes, when a support request is incoming, when an order is shipped. I think we haven't found a problem for this solution.
A classic "the tragedy of the commons" with the SMTP protocol.
When the cost of spamming is near 0.00, all open platforms will be abused to the tilt. We have seen the email channel get less and less reliable with our own clients (password recovery, notifications and etc).
This might evolve into a couple of oligopolies (Microsoft 365 Outlook, Google Gmail, may be some legacy email providers like Yahoo) and if you want delivery you'd need to pay them, because they'd be the verifiers that you're not a spammer.
And these platforms will have a hell of time to fight the spammers that will create millions of email addresses and spam trough them.
I seriously think this great! I’ve been saying that email is the right interface for agents for a while now. It is available anywhere, natively threaded, and works for asynchronous long-form communication. Comes with great clients as well.
I’ve been developing last three months by emailing Claude, with email threads mapping to an isolated workspace and claude -p. Works super well, especially when trying to get some coding done between everything else.
With right CLAUDE.md and a bit of workflow tooling this extends itself to building other kinds of agents as well. For example, I do my bookkeeping by emailing Claude my statements and receipts, which it then imports into a plain-text accounting system. And we’ve proven this in corporate environment as well, creating agent that can troubleshoot more complex issues by correlating diagnostic logs against product source code.
Once the basic “email agent” infrastructure is there, creating new agents becomes super simple.
Oof. I know of a startup that recently Show HN'd here, the agent mail.to, that is NOT having a good time right now. I don't know what all these new startups having moats thinner than Durex are thinking -- like, what the plan if someone does what you do, faster and cheaper?
While we’re adding antiquated and shitty ways to interface with your agent, can we add fax support? Maybe direct-to-mail service for postcards and flyers?
I feel like a lot of folks down here are focusing too much on the agent part. That's purely marketing. No one who worked on the service, I am sure, was building exclusively for agent usage.
This is simply the framing device that all marketing needs to present these days.
More spam at scale. I wish recipients of email had more control over the conditions to which the email is delivered to them, rather than after the fact curation…
I would pay for Cloudflare Workers Paid ($5) in a heartbeat and currently use the free version of cloudflare for all my DNS / Hosting etc. Where it does not meet my needs i have Dokpoly + Digital Ocean. I would use CloudFlare Containers. I currently pay for resend.com for all my email API needs.
The problem is that once you're on the paid plan, you're exposed to unlimited risk if your worker goes crazy due to a stupid code bug or if you're hacked. As a solo dev, it's a risk I simply cannot take; I could wake to a bankruptcy bill from Cloudflare. Even as a company, an employee could sign you up and your accounts team would have no idea of the risk.
I am using Supabase at the moment, and see they have a hard cap now. and so does Vercel after they had some nightmare stories of large bills in the past.
I am not sure why / what CloudFlare think about this - or simply dont care.
I’ll have to take a look at this as a way to move off my homegrown serverless email on AWS. Doesn’t look like it has parity with being able to send email from many subsystems safely (with delay and veto)[1], but is pretty close on the receive side automation[2].
Cloudflare is very transparent about their prefixes and reverse DNS, which is generally a good thing for the ecosystem! But it makes it trivial for operators who want to block the entire service, and extremely bad for Cloudflare's deliverability.
And while there are many open blacklists which I have no doubt Cloudflare monitors, there are many (including soft spam-classification signals) that are proprietary and difficult/impossible to monitor other than by watching rates of actual customer/prospect replies and engagement.
Amazon SQS has similar dynamics, and its reputation is far from stellar.
(If the Cloudflare team is reading this, and I'm missing an on-ramp to a company purchasing dedicated IPs with distinct PTR records, I do apologize! I'm not seeing documentation about this, though.)
Pushing agent workflows over email has some risks not present for HTTP. Transit security is still a problem for email as we're stuck in the opportunistic encryption stage. If you decide to use email-based agents, look into MTA-STS as a way to prevent downgrade attacks. It looks like Cloudflare supports this, but it isn't enabled by default or called out in the on-boarding process.
I think this is going to be a really good service: the service can be used easily with Workers making it super easy to not only send transactional emails but use it for forms embedded in Pages. I am very much looking forward to using this.
However, I still think AWS SES is the gold standard of deliverability because of their constant monitoring of your reputation (bounces etc). I always combine it with SendOps (https://sendops.dev/) for easy setup and deep analytics to avoid those issues.
I've been very happy with agentmail.to for a while with great success. You get 3K free emails per month with 3 inboxes. Paid tier starts at $0.20 per 1000 emails.
Everyone already has an email address, which means everyone can already interact with your application or agent. And your agent can interact with anyone.
please no.
>Sending email that actually reaches inboxes usually means wrestling with SPF, DKIM, and DMARC records. When you add your domain to Email Service, we configure all of it automatically. Your emails are authenticated and delivered, not flagged as spam.
this is going to be an absolute nightmare for spam. i cant exactly block all of cloudflare...
it would be nice if anyone at cloudflare could write about how they plan to proactively reduce abuse of this feature, how they will respond to spam reports, what the punishment for abuse will be, etc.
I wish they had developed the open source Inbox into a consumer hosted email service for users. It would have been nice to see more competition with Google and Microsoft.
This is a very long post just to say they're now running an SMTP server. I've been sending and receiving emails from Workers for two years; though for sending, you still need an external SMTP server like SES or Postmark.
Don't get me wrong, sending (and delivering) emails is genuinely hard. But we'll only know how good Cloudflare is at it after a couple years of real-world experience.
Not all email automation is spam and if you want your emails to not end up in spam folder, you pretty much have to go with Google Workspace and pay for essentially entire business suite when you just want to send emails. I needed something like this for my project and it's pretty much Google Workspace or nothing.
Sending and receiving is in my mind the easy part. The hardest part is to make this work with actual AI agents. This is the same problem as with sub-agent communication because you need to implement all kinds of additional fictionality to ensure the agent is not just responding for no good reason, go into loops, etc.
How much do existing services trust new email service providers? It would seem to be an uphill battle for Cloudflare to start a new service. It's easy to automate from the start, meaning it's easier to send spam. I suppose reputation is not simply based on the domain the email comes from?
It's certainly interesting that they provide an email service now. In their documentation/blog recommendations they switched their recommended approach twice or three times already.
If they establish a solid email solution I will likely use that for some of the projects I'm hosting there.
I'm having a hard time figuring out if I could use this as a replacement for something like AWS WorkMail or E365. The "Agentic" inbox looks really nice, but is this intended for humans to use? I am really confused due to the marketing hype.
205 comments
It's an email sender that you can access through an API, or directly through Workers. For those who haven't been keeping up over the years, Workers is their product for running code on Cloudflare's platform directly (an AWS Lambda competitor, more or less) and they've been trying to make it the centerpiece of an ecosystem where you deploy your code to their platform and get access to a variety of tools: databases, storage, streaming, AI, and now email sending. All of this is stuff that AWS has had for years, but some people like Cloudflare more (I certainly do).
One thing that surprised me is the price-- Cloudflare's cloud offerings are usually much cheaper, and I've saved plenty of money by migrating from AWS S3 to Cloudflare's R2. This new offering is 3x the AWS price, though. Weird. Anyway, most small companies don't send enough email for it to matter.
But getting back to the consensus in the comments here: I'm not sure why people think that they'll be worse about policing spam than AWS SES, Azure Email, etc.
> But getting back to the consensus in the comments here: I'm not sure why people think that they'll be worse about policing spam than AWS SES, Azure Email, etc.
Cloudflare is (in)famous for not acting against spammers, fraud, piracy and other less savory groups that are hosting their stuff at/behind Cloudflare, so reasonably, people who've been affected by that are now afraid the same thing will happen with email.
In theory, Cloudflare should take those down, when requested by legal means, but that doesn't matter. How sure are we that they'll act differently for email, instead of trying to get rid of the reputation system instead?
> getting that email to not be rejected totally IS rocket science and it's simultaneously an art form known only to a handful of email nerds working at the core of the big email sending services
It really isn't, you need a clean IP and a clean domain, send handful of emails and you're pretty much whitelisted on most services out there. Maybe you'd say I'm one of the handful, but I personally know more than a handful others who also run their own email services, just like me, and besides the usual hassle of running your own service, as long as you don't spam, your emails will arrive as usual.
It's hard to appreciate how difficult this battle is when running at scale.
We have reserved IPs for Email Service and will be protecting the reputation and fighting spam from originating on Email Service.
If we did not do so, our IPs would get flagged and then emails end up in spam or not delivered. That defeats the purpose of having a transactional Email Service. We're well aware of this.
I guess they got that reputation years ago when the founders (?) got into public spats about what they would and wouldn't host. AWS is more lawyers and committees and seems more anonymous, so people don't necessarily like it more but they do trust it to be what it looks like more.
Probably just a function of time and size.
>
Cloudflare's cloud offerings are usually much cheaper, and I've saved plenty of money by migrating from AWS S3 to Cloudflare's R2. This new offering is 3x the AWS price, though. Weird. Anyway, most small companies don't send enough email for it to matter.For certain types of marketing and transactional emails, it's cheaper I think. AWS SES pricing doesn't include attachments. If you assume a maxed out 25MB email attachment body, I think the price comes out to be mostly similar, amortized at least.
But if you are sending basic text/mostly text transactional emails for stuff like password resets, then SES comes out ahead for sure.
>
One thing that surprised me is the price-- Cloudflare's cloud offerings are usually much cheaper ... This new offering is 3x the AWS price, though. Weird.c. 2022 Cloudflare had a free email sending service (via MailChannels) [0] until it was sunset in Aug 2024 [1].
[0] https://blog.cloudflare.com/sending-email-from-workers-with-...
[1] https://support.mailchannels.com/hc/en-us/articles/456589835... / https://archive.vn/xNLzv
Most cloud IP blocks already have very poor reputations, and or already on Spamhaus blacklists.
People have a right to choose to be upset. =3
> One thing that surprised me is the [high] price [vs SES for example]
Not sure if you read the announcement closely:
> Sending email that actually reaches inboxes usually means wrestling with SPF, DKIM, and DMARC records. When you add your domain to Email Service, we configure all of it automatically. Your emails are authenticated and delivered, not flagged as spam.
this service is batteries included. SES is not.
When the cost of spamming is near 0.00, all open platforms will be abused to the tilt. We have seen the email channel get less and less reliable with our own clients (password recovery, notifications and etc).
This might evolve into a couple of oligopolies (Microsoft 365 Outlook, Google Gmail, may be some legacy email providers like Yahoo) and if you want delivery you'd need to pay them, because they'd be the verifiers that you're not a spammer.
And these platforms will have a hell of time to fight the spammers that will create millions of email addresses and spam trough them.
$0.35 per 1,000 emails
Here are the limits:
"Your account may have daily sending limits based on Cloudflare's assessment of your account standing. "
Source: https://developers.cloudflare.com/email-service/platform/pri... https://developers.cloudflare.com/email-service/platform/lim...
I’ve been developing last three months by emailing Claude, with email threads mapping to an isolated workspace and claude -p. Works super well, especially when trying to get some coding done between everything else.
With right CLAUDE.md and a bit of workflow tooling this extends itself to building other kinds of agents as well. For example, I do my bookkeeping by emailing Claude my statements and receipts, which it then imports into a plain-text accounting system. And we’ve proven this in corporate environment as well, creating agent that can troubleshoot more complex issues by correlating diagnostic logs against product source code.
Once the basic “email agent” infrastructure is there, creating new agents becomes super simple.
This is simply the framing device that all marketing needs to present these days.
The problem is that once you're on the paid plan, you're exposed to unlimited risk if your worker goes crazy due to a stupid code bug or if you're hacked. As a solo dev, it's a risk I simply cannot take; I could wake to a bankruptcy bill from Cloudflare. Even as a company, an employee could sign you up and your accounts team would have no idea of the risk.
I am using Supabase at the moment, and see they have a hard cap now. and so does Vercel after they had some nightmare stories of large bills in the past.
I am not sure why / what CloudFlare think about this - or simply dont care.
> Everyone already has an email address
Things developers believe about email
[1] https://github.com/mlhpdx/email-origin [2] https://github.com/mlhpdx/email-delivery
Seems like you can only send email via the worker or REST API for now?
Can I send via SMTP? I'm using Supabase and it needs the SMTP credentials.
I can't find anything on the dashboard or on the docs, even though last year they said it supports SMTP [0]
[0] https://blog.cloudflare.com/email-service/
Cloudflare is very transparent about their prefixes and reverse DNS, which is generally a good thing for the ecosystem! But it makes it trivial for operators who want to block the entire service, and extremely bad for Cloudflare's deliverability.
And while there are many open blacklists which I have no doubt Cloudflare monitors, there are many (including soft spam-classification signals) that are proprietary and difficult/impossible to monitor other than by watching rates of actual customer/prospect replies and engagement.
Amazon SQS has similar dynamics, and its reputation is far from stellar.
(If the Cloudflare team is reading this, and I'm missing an on-ramp to a company purchasing dedicated IPs with distinct PTR records, I do apologize! I'm not seeing documentation about this, though.)
How's that compare?
From the dashboard link:
> Enable Email Sending Email Sending is currently only available with the Workers Paid plan. Upgrade your plan to start sending emails.
https://developers.cloudflare.com/email-routing/setup/mta-st...
However, I still think AWS SES is the gold standard of deliverability because of their constant monitoring of your reputation (bounces etc). I always combine it with SendOps (https://sendops.dev/) for easy setup and deep analytics to avoid those issues.
Disclaimer: I don't work for agentmail.
>
Everyone already has an email address, which means everyone can already interact with your application or agent. And your agent can interact with anyone.please no.
>Sending email that actually reaches inboxes usually means wrestling with SPF, DKIM, and DMARC records. When you add your domain to Email Service, we configure all of it automatically. Your emails are authenticated and delivered, not flagged as spam.
this is going to be an absolute nightmare for spam. i cant exactly block all of cloudflare...
it would be nice if anyone at cloudflare could write about how they plan to proactively reduce abuse of this feature, how they will respond to spam reports, what the punishment for abuse will be, etc.
Don't get me wrong, sending (and delivering) emails is genuinely hard. But we'll only know how good Cloudflare is at it after a couple years of real-world experience.
Cloudflare just filled a huge gap.
Sending and receiving is in my mind the easy part. The hardest part is to make this work with actual AI agents. This is the same problem as with sub-agent communication because you need to implement all kinds of additional fictionality to ensure the agent is not just responding for no good reason, go into loops, etc.
My $0.02 from experience.
If they establish a solid email solution I will likely use that for some of the projects I'm hosting there.