E-mail Forensics For Real Life Application in Evidence Building

Main Article Content

Lokendra Kumar Tiwari
Shefalika Ghosh Samaddar, Chandra Kant Dwivedi


Computer Forensic, the upcoming branch of forensic science where acquiring, preserving, retrieving and presenting content processed
electronically and stored digitally, is used for legal evidence in computer related crimes or any other unethical practice involving manipulation
of digital content. Such digital content may take many forms which are manifested by different file formats and digital artifacts.
This paper concentrates on evidential usage of recovered deleted e-mail from off-line mail boxes to provide digital evidence in case of nonrepudiation
either by the sender or by the receiver. This is simply accomplished by using a digital forensic tool Encase 6.0 and applying a
capturing mechanism to prove legitimacy of the evidence. The step-by-step procedure is able to increase the practical insight in the capturing of
deleted e-mail as digital evidence of non-repudiation and is able to provide an example for preparing evidentiary e-mail for presentation in the
Court of Law or for preparation of any legal procedure. Recovery of deleted e-mails in the form of digital evidence requires certain legal
bindings which may be provided under this mechanism. This paper contributes to that extent that recovered files are ready digital evidence in
the Court of Law.




Keywords: E-mail recovery, E-mail forensic visualization, File recovery, .DBX file recovery, EnCase 6.0, Outlook Express mail recovery,
Evidentiary e-mail.


Download data is not yet available.

Article Details