MailXaminer – Specialized Email Forensics Tool.
Dedicated to simplify email forensics with a result – oriented approach
Being pioneers of data recovery, we have a great understanding of the anatomy of emails and carving information from email header data. With increasing expertize, we have precisely gained complete info about 20+ email formats. MailXaminer is being used by thousands of forensics professionals around the globe and thus, stands as a benchmarked email forensics tool; quenching each and every required need of email investigations.
“Designed from the ground up, as an Email Examination Tool; MailXaminer supports 20+ email file formats and 750+ MIME types. Thus, leveraging the examination of 80+ email clients.”
Salient Features of Email Forensics Tool
- Agile & robust Keyword based Search filter to find the evidence from the email data instantly
- Recover deleted email components & present the evidence in suitable formats that are acceptable in court.
- Examine the email messages of iCloud, Office365, Rackspace, Gmail, Hotmail & Live Exchange Server.
- Track connection among multiple suspects by making use of Intelligent Link Analysis mechanism.
- The pornographic/obscene images available within emails can be analyzed using Skin Tone Analysis mechanism.
- An Export Report comprising of detailed info can be generated in HTML, CSV & PDF file formats.
- Manage the complete case as well as analyze the filtered evidence via creation of Case Repository.
- The Team Collaboration feature assists multiple investigators to work on the same case in collaboration.
- Analyze and investigate the data available within E01, DD and DMG file types.
- Without dismounting/disconnecting the Exchange EDB file, investigate Live Exchange Server mailbox data.
- Get complete information about available data within the suspect file via graph based Dashboard View.
- Image geo location mapping facility to track the location from available image’s EXIF data.
From the task of comprehensive mail viewing to a powerful search mechanism to carve evidences from emails; MailXaminer posses all those factors needed for a tool to be a perfect eDiscovery solution. With this email forensics software; you can scan, view, search, investigate, analyse, smart review and report huge volume of emails in a very less amount of time. The tool perfectly matches your e–Discovery requirements, thus, delivering a potential and well versed e–Discovery platform.
Examine almost 80 + different email formats or applications and migrate them to different formats like concordance, PDF, EML, MSG, PST, CSV and many more, with the effective email migration capability of MailXaminer; an email header analyzer tool. We help you examine & migrate almost all web based or desktop email application; of which Gmail, Google Apps, Yahoo Mail, Office365 is the few names.
Being a platform independent solution, MailXaminer can be used to thoroughly investigate a huge set of email data ranging from Web based emailing applications to any desktop based email client. We have added the support for almost every format; which an emailing application supports and are commonly used. Added to this, searching feature has been made awesomely powerful yet simple to apply so as to carve the artifacts from the core of Terabytes of email data.
Whether you need to perform forensic email header analysis or examine its MD5 hash value; this tool fits your every requirement. By putting our years of experience in understanding the anatomy of emails, we have made MailXaminer a complete solution for the forensic examination of emails and generate an authentic report; which can be further produced in front of court of law. Besides viewing emails in HTML or RTF formats and reading email’s property, attachments, body; features like team collaboration, sending file for review, bookmarking or tagging important mails for categorization makes MailXaminer a fully loaded email investigation tool.
Advanced case management facility like creating case repository, analyze & recover email, scan status, interactive dashboards, log files and bookmarking options make the entire investigation much more efficient and faster.
Artifact Support Enhanced
A wider range of email repositories are now examined as part of enhancing artifacts support. Local as well as web based email storage analysis scope is extended with the addition of eM Client, Zoho, Kerio Connect, hMailServer, MDaemon Server, Zimbra, KMail, Maildir, Dovecot Zimbra Server and many more.
Share Case Progress on Cloud
All case related progress or evidence can be shared by the custodians over web / on cloud with fellow investigators for review purpose. This can be accomplished via Shared Location, Mail Settings, or over Cloud.
Skin Tone Detection & Analysis*
Skin tone based analysis can be performed on media files, particularly images. The intensity of detection can be adjusted accordingly from very low, low, high, to very high respectively for accurate results.
Video files such as .mp4, .avi, .3gp and many more can now be investigated using the software for detection of availability of pornographic content. The parameters deciding the intensity of detection fall between the range of very low and very high.
Geolocation Mapping – Export Image Attachments into KML
KML (Keyhole Markup Language) file format is used to save and display the geographic data Google Maps and Google Earth. The available image attachments having GPS locations can be exported using “Export as KML”; and can be viewed using Google Earth.
Enhanced Document Support
The supported document formats available within the respective image files such as E01, DD and DMG can now be examined and analyzed. This extended support to disk image files does not impose any sort of limitation on the file size.
On the basis of filters, rules and patterns, at the time of scanning of the evidence file, the available items can be automatically tagged as per the available categories such as Spoofed Docs, Shared Links and PII number.
Super Grid Data Filter
An advanced Grid control algorithm has been embedded in the software. This Grid control ensures enhanced and more accurate filtering of the data. Learn More →
Acquisition Support for Network
Acquisition support for network offers assistance to investigators for scanning files from a “Network or Domain”. It is possible to acquire and preserve artifacts directly from the network.
SHA1 Algorithm Support
SHA1 being developed by NSA, represents a cryptographic hash function. The latest v4.8 of MailXaminer now provides an extended support to the hash function SHA1 during analysis.
Multiple Email Format Support
The software support more than 20 file type of email clients either they are desktop based (Outlook, Lotus Notes etc.) or web based (Gmail, Yahoo etc). Bookmark, Search, Export, Preview & Restrict from Export options are applicable to emails. Learn More →
Advance Link Analysis
Link analysis intelligence has been added within the tool now to visualize and analyze the email communication between two or more users. It is now possible to track the direct & indirect conversation of the users in a group to figure out actual suspect.
Export Case Report
Reporting feature of the tool has now been made smarter to preview and export the reports of case, keywords, tags, bookmark etc. It is now possible to export the senders report, recipients report, domain wise report, domain wise senders report, domain wise recipients report in HTML, PDF & CSV file formats.
Now the tool has the provision to preview and analyze the calendars of Outlook PST files, OST files, Exchange EDB mailboxes, and Lotus Notes NSF files. You can examine the meetings and appointments of the suspected user for further investigation.
Powerful Search Mechanism
User can create their own Custom Search Filters based on scenarios required. Some cultivated search facility includes Regular Expression, Fuzzy, & other logical search operators to give the accurate results.
Analyze Live Exchange Mailboxes
With new feature of Mailxaminer to analyze the Live Exchange; now you can examine mailboxes without dismounting them from MS Exchange server. The tool supports to download mailboxes of MS Exchange 2007, 2010 and 2013.
Supports Google Apps Admin without IMAP
The software can now be used to download mails and analyze multiple accounts of the Google Apps Admin account without providing any credentials. In few simple steps; users can download multiple mailboxes & examine them easily.
Dongle Based Licensing
We have now introduced dongle based licensing to make it easier for the investigators to run the full version of the software on multiple machines. Users only need to plugin the software attuned dongle provided to them while purchasing the tool on a machine having demo version & it will get activated as full version.
Tagging of Emails
Among the thousands of emails that has to be examined, now users can tag the emails to categorize them as per your criteria. This feature will help the forensicators to manage the emails and differentiate them as per their importance or need.
Keyword Search within Files
Hierarchical Level Search of Keywords within Files, then in Emails & Attachment produces accurate the search result containing the entered keywords. Bulk keyword search can be done by adding CSV that contains keywords.
Multiple Export Options
The export option is exercised to preserve and present the outcomes of any investigation in a court validated and forensically sound format. It supports exporting of email evidences into multiple output formats like Concordance, PST, MSG, PDF, TIFF etc.
Multiple Views of Email
The powerful email view show the preview of scanned artifacts in Normal, HTML, RTF, Hex, MIME, Property, Email Hop view, Attachment views. This provision makes the detailed investigation procedure easier for the investigators.
Team Collaboration facility now allows multiple investigators to work on same case simultaneously. This will also increase the processing time for the investigation process as multiple machines can be used for investigation.
Option to Restrict Exporting of Privileged Emails
The email evidences that appear to contain some confidential information and may violate the privacy agreement of a particular custodian can be marked as privilege and can be restricted from being shared across to any third party.
Recursive Listing of Mails
Recursive listing of emails show the child’s folder email in the parental directory too. Right clicking on the parent folder & selecting the recursive listing option give you access of all the emails of its child folder(s).
SaaS Based Review
Software is equipped with cloud based review module which allows investigators to review the selected evidences remotely and provide their feedback.
Hot Keys & Shortcut Keys
Now the tool is supporting the usage of keyboard in its interface to make the usage easier even without the mouse. The Hot Keys (Alt + First Letter of Menu’s Words), Shortcut keys (Tab, Arrow key etc.) are supported in it.
The software has been put through stress of size of 1 TB email data consisting of PST, OST and EDB. It works with processing speed of 1080 emails per minute for Microsoft Outlook PST files.
Dashboard View for Complete Analysis of Emails
The software is equipped with Dashboard View feature that provides feature that provides visual representation visual representation of the mailbox data being scanned. The Pie Chart and Bar Graph enable users to analyze the data from various angles.