News

New Update - MailXaminer Introduces its New Subscription Plan

News

New Update - MailXaminer Introduces its New Subscription Plan

Home » Blog » Forensics » IceWarp Email Server – Forensic Analysis

IceWarp Email Server – Forensic Analysis

author
Published By Anurag Sharma
Anuraag Singh
Approved By Anuraag Singh
Published On April 2nd, 2024
Reading Time 4 Minutes Reading
Category Forensics

In 2002, during the investigation of a Cyber Crime case, investigators came across a new type of email file format that was divulged as IMAP. After a deep analysis of the file, technocrats came up with a conclusion that the corresponding file extension was created by IceWarp Email Server. This gave rise to a new challenge, i.e. IceWarp Email Server Forensics.

The IceWarp Mail Server is a commercial mail and groupware server developed by IceWarp Ltd. This mail server is compatible with both; Windows and Linux environments respectively. It is a communication and collaboration software that offers not only secure and reliable solution for email, but also for instant messaging, groupware functionality, a VoIP server, and a web interface for administrators and users.

An Introduction of IceWarp Mail Server

IceWarp, Inc. is a software company located in Springfield, provides powerful SMTP/IMAP/POP3 email access to users. The services are provided through an intuitive HTML5 WebClient for desktop, mobile, and tablet interfaces. The manufacturers of  the IceWarp claim that more than 50,000 servers have been installed, serving more than 50 million users. The server offers most of the familiar features of Exchange Server and Lotus Notes. All the services provided by IceWarp are encrypted with TLS and SSL (Transport Layer Security & Secure Sockets Layer). The IceWarp mail server can run on both Windows as well as Linux and is integrated with Kaspersky anti-virus.

NOTE: –

By using the SSL and TLS security protocols, a company with multiple offices can create a secure email pipeline with IceWarp Mail Servers at both ends of the connection providing secure clients for employees. The  IceWarp Mail Server is set up to use TLS as its primary encryption method when communicating with other TLS enabled mail servers and Encrypted email messages are also safe from hackers. If TLS is unavailable, IceWarp Mail Server will automatically use SSL.

 

The default mail location: C:/Program Files(x86)/Mail/enable.com

Email File Format: .imap

Step 1: – To evaluate the software, download IceWarp server full setup package from http://www.icewarp.com/downloads/. You will receive a fully working 30 days of trial period package, for up to 200 users.

 

IceWarp-Web-Admin

 

 

Step 2: – Administrative console is the place where all IceWarp server’s functionalities can be administered.

admin-console

 

 

Step 3: – Now in next pop-up window, select an existing user from Domains & Accounts or click on New User from the Console Menu to create a new user.

new-user-account

 

Step 4: – By default, IceWarp mail server generates a password for the user that can later be changed as per the requirement.

 

set-password

 

Step 5: – Now, a browser window representing the new user account created on IceWarp Mail Server, will open.

 

icewarp-inbox

 

Step 6: – You can now easily sending and receiving of emails, add new contacts, schedule calendar items, create tasks, and so on.

 

compose-emails

 

Step 7: – A pop-up window will appear showing the Delivery Report, after the recipient receives the sent mail.

The location of this feature in IceWarp Mail Server – Message Composer Window – Options – Show Delivery Report.

 

delivery-report-emails

 

 

Step 8: – The IceWarp mail server saves all emails of its users in Inbox folder and all users have an inbox of their own. The file extension of all the emails is .imap. In investigation process, applications like; MailXaminer can be included for being very well equipped with the email analysis techniques. Evidences available in .imap file can easily be searched by using the tool, as it is loaded with various search features based on sophisticated algorithms.

The default mail location: C/Program File/IceWarp/Mail/Enable.Com/User Name/Inbox.

 

imap

 

Conclusion: IceWarp mail server complete with GroupWare, Calendaring, and Document Management, is accessible through an intuitive Web Client. It comes customized with add-ons, spam and anti-virus protection, instant messaging along with video calls, and much more. The IceWarp mail server is a serious competitor for Exchange server, Lotus Notes, and other email servers and clients. In addition to that, its powerful WebClient UC interface stands out as an impressive feature which can replace several desktop applications, letting you have a very comprehensive unified solution for communication.

author

By Anurag Sharma

Tech enthusiast & cyber expert for the past 5 years. Love to solve complicated scenarios to counter cyber crimes with in-depth technical knowledge.