0
9.5kviews
What are the roles of the client and server in e-mail investigation?

Subject: Digital Forensics

Topic: Network Forensics

Difficulty: Medium

1 Answer
0
705views

We can send and receive e-mail in two environments: via the Internet or an intranet (an internal network). In both e-mail environments, messages are distributed from a central server to many connected client computers, a configuration called a client/server architecture.

The server runs an e-mail server program, such as Microsoft Exchange Server, Novell GroupWise, or UNIX Sendmail, to provide e-mail services.

Client computers use e-mail programs (also called e-mail clients), such as Novell Evolution or Microsoft Outlook, to contact the e-mail server and send and retrieve e-mail messages.

enter image description here

Regardless of the OS or e-mail program, users access their e-mail based on permissions the e-mail server administrator grants. These permissions prevent users from accessing each other’s e-mail.

To retrieve messages from the e-mail server, users identify themselves to the server, as when logging on to the network. Then e-mails are delivered to their computers.

An intranet e-mail system is for the private use of network users, and Internet e-mail systems are for public use. On an intranet, the e-mail server is generally part of the local network, and an administrator manages the server and its services.

In most cases, Internet e-mail users aren’t required to follow a standardized naming convention for usernames. They can choose their own usernames (but not the domain name), as long as they aren’t already in use.

For computer investigators, tracking intranet e-mail is easier.

For example, [email protected] is easily recognized as the e-mail address for an employee named Jane Smith.

Tracking Internet e-mail users is more difficult because these user accounts don’t always use standard naming schemes, and e-mail administrators aren’t familiar with all the user accounts on their servers. Identifying the owner of an e-mail account with an address such as [email protected], for example, isn’t easy.

Please log in to add an answer.