email analysis Archives - Forensic Focus

Leveraging DKIM In Email Forensics

12th May 202027th May 2019

by Arman Gungor My last article was about using the Content-Length header field in email forensics. While the Content-Length header is very useful, it has a couple of major shortcomings: Most email messages do not have the Content-Length header field… Read more

Using The Content-Length Header Field In Email Forensics

12th May 202029th March 2019

by Arman Gungor As forensic examiners, we often have to analyze emails in isolation without the benefit of server metadata, neighbor messages, or data from other sources such as workstations. When authenticating an email in isolation, every detail counts—we review… Read more

Email Forensics: Investigation Techniques

12th May 202015th February 2019

by Chirath De Alwis Due to the rapid spread of internet use all over the world, email has become a primary communication medium for many official activities. Not only companies, but also members of the public tend to use emails… Read more

Forensic Examination Of Manipulated Email In Gmail

12th May 202029th January 2019

by Arman Gungor Last week, I came across an interesting post on Forensic Focus. The poster, jahearne, was asking about how one can detect manipulation of an existing email in Gmail. In his hypothetical scenario, the bad actor was using… Read more