You are viewing a free preview of this lesson.
Subscribe to unlock all 10 lessons in this course and every other course on LearningBro.
Email and web browser activity are among the most common sources of digital evidence. Emails can establish communication patterns, intent, and timelines, while browser history reveals research activity, downloads, and interactions with web services. Both leave rich forensic artefacts that examiners must know how to locate, extract, and interpret.
| Protocol | Purpose | Port |
|---|---|---|
| SMTP | Sending email | 25 (plain), 465 (SSL), 587 (STARTTLS) |
| POP3 | Retrieving email (downloads and deletes from server) | 110 (plain), 995 (SSL) |
| IMAP | Retrieving email (syncs with server; mail remains on server) | 143 (plain), 993 (SSL) |
| Exchange/MAPI | Microsoft Exchange proprietary protocol | 443 (HTTPS) |
Subscribe to continue reading
Get full access to this lesson and all 10 lessons in this course.