Expert SMTP Evidence | Examination of Email Evidence as a Witness As an expert witness for email digital evidence examination, the SMTP mail server roles are an important area of focus. This blog post describes the different SMTP mail server roles and how they relate to expert witness testimony for Read more
Email Forensic Investigation Evidence: Log Retention used by a Witness For any successful email forensic investigation, the availability of email logs is a key requirement. Email messages are sent using the Simple Mail Transfer Protocol (SMTP), defined here. This blog post describes the importance of retaining the SMTP delivery logs Read more
Deleted Item Retention: Expert Email Evidence in Court Expert witness work for digital email forensics is often concerned with the recovery of deleted emails. A person may send an email, and then delete the email from their Sent Items, and also from their Deleted Items. And then claim they never Read more
Review SMTP Message Header as for Email Delivery Proof Email delivery proof can be found by examining the SMTP headers. The SMTP protocol has been around for a long time, and provides the ability for an email expert to trace the forensic email delivery path taken from the sender to Read more