I said that it's "unlikely that someone else, either on my team or on the customer site, has the same background knowledge and experience that I do".
Oops, my bad. My appologies for that, keydet89, but the way I read it it sounded this way so I thought to point it out to you. Again my appologies.
)
Cheers
DarkSYN
Hi guys,
am looking for some ideas.
Am doing an email investigation, an email was sent out an we are trying to establish who sent the email. It was sent from a yahoo email address. The header information was not very useful because the person used a proxy server to send the mail, therefore not able to trace the source IP. All we see is the Proxy's IP.
Now, we have 2 suspects. I have acquired their machines and trying to do some analysis on them. Do you think a keyword search based on the content of the email would be worth doing?
When you send mail through yahoo, are any traces left on your machine?
I have tried looking at the IE Cache but am not seeing anything useful.
What would be the best approach? We are trying to establish whether the email originated from one of these machines.
Cheers.