Forensic Email Collector & Intelligence

by Metaspike
Home » Cyber Forensics » Metaspike

Forensic Email Collector

Product Code: AP-META-FEC

Forensic Email Collector (FEC) is a specialized solution built to securely preserve email and cloud-based evidence for digital forensic investigations and eDiscovery workflows. It supports data collection from leading email platforms, including Gmail, Google Workspace, Microsoft 365, iCloud, and many other providers. In addition to email, FEC can acquire files stored in popular cloud services such as Google Drive, OneDrive, and SharePoint. The software also supports the collection of modern cloud attachments linked to email messages.

To streamline investigations, FEC offers powerful search and filtering capabilities through features such as In-place Search, Inline Search, and Differential Acquisition. These options allow investigators to target relevant data efficiently while reducing unnecessary collection time.

The platform supports multiple authentication methods to accommodate a wide range of environments. These include modern authentication, Remote Authentication, enterprise impersonation, domain-wide delegation, and app-only authentication, enabling secure access across individual and enterprise accounts.

To maintain forensic integrity, all collected data is cryptographically hashed, and comprehensive audit logs are generated to support a defensible chain of custody. FEC also preserves valuable server-side metadata—including IMAP unique identifiers, internal message dates, Gmail message and thread IDs, and Gmail History Records—to assist with detailed forensic analysis and verification.

Collected data is exported in widely recognized forensic formats such as EML, MSG, and PST, making it compatible with most digital forensic, incident response, and eDiscovery platforms for seamless downstream analysis.

    Forensic Email Intelligence

Product Code: AP-META-FEI

Forensic Email Intelligence (FEI) is an advanced email analysis platform developed to support investigators handling complex cases such as business email compromise (BEC), phishing attacks, email fraud, and other cybercrime investigations. It imports email evidence from multiple industry-standard formats, including EML, EMLX, MBOX, MSG, OST, and PST, and automatically evaluates and prioritizes messages based on indicators of suspicious or malicious activity.

The software provides investigators with detailed insight into email communications by exposing MAPI properties, MIME headers, and embedded metadata. It also generates comprehensive timelines, uncovers hidden timestamps, and delivers intelligence on IP addresses, domains, email addresses, and URLs to help establish the origin and authenticity of messages.

To further support email authentication and forensic validation, FEI can verify DKIM and ARC signatures, providing valuable information about message integrity and whether an email has been altered or legitimately transmitted.

In addition to its analytical capabilities, FEI functions as a dedicated email viewer that can integrate with other digital forensic platforms. Any forensic application that supports opening files with an external viewer can leverage FEI for enhanced email examination without requiring investigators to leave their primary forensic environment.

Request a Quote


    If possible, please use a valid agency/company email.

    RCMP DMFT Program?



    This is necessary to quote accurate shipping costs.