Skip to main content


Emails are the most common service on the Internet for communication and sending documents. Email is used not only from computers but also from many other electronic devices such as tablets; smartphones, etc. Emails can also be used for criminal activities. Email forensic refers to the study of email detail and content as evidence to identify the actual sender and recipient of a message, date/time of transmission, detailed record of email transaction, intent of the sender, etc. Email forensics involves investigation of metadata, keyword, searching, port scanning and generating report based on investigators need. Many tools are available for any investigation that involves email forensics. Investigators should be very careful of not violating user’s privacy. To this end, investigators should run keyword searches to reveal only the relevant emails. Therefore, knowledge of the features of the tool and the search features is necessary for the tool selection. In this research, we experimentally compare the performance of several email forensics tools. Our aim is to help the investigators with the tool selection task. We evaluate the tools in terms of their keyword search, report generation, and other features such as, email format, size of the file accepted, whether they work online or offline, format of the reports, etc. We use Enron email dataset for our experiment.


File nameDate UploadedVisibilityFile size
19 Jul 2022
2.81 kB



  • Institution
    • Dahlonega

  • Publisher
    • AIRCC Publishing Corporation

  • Date submitted

    19 July 2022

  • Keywords
  • Additional information
    • Author Biography:

      Dr. Ahmad Ghafarian is a full time Professor of Computer Science & Cybersecurity at the University of North Georgia, UNG. His educational credentials include a Postdoctoral Fellowship in Information Security, Ph.D. & M.S. in Computer Science, and B.S. in Mathematics. He is specialized and conduct research in various areas of cybersecurity including but not limited to malware analysis, various aspects of digital forensics, cloud computing security, VoIP security, and social computing security. He has about forty peer reviewed publications to his credit.

      Book or Journal Information:

      International Journal of Network Security & its Applications.