🔥 Forensic Hashing & Deduplication — FEI can now hash ingested items using your hash algorithm of choice based on the binary contents of the items. Duplicate items are automatically identified.

🔥 eDiscovery Hashing & Deduplication — FEI can now hash ingested items based on a customizable subset of their metadata fields. Family level deduplication is also supported. Duplicate items are automatically identified.

✔️ Improvements to S/MIME decryption and signature verification for MAPI items.

✔️ Added new DKIM & ARC keys to Supercache.

💡 Evidence Grid is now sorted by ParentItemId > ItemId by default to keep parents and children next to each other.

✔️ It is now possible to pivot on the Forensic Hash, eDiscovery Hash and Message-ID fields on the Evidence Grid to locate other items with the same values.

✔️ Numerous other performance and user experience improvements.

🌐Project Compatibility Level: 2.3.760

⬆️Upgrade Compatibility Level: 2.1.7.0

🔥New IP Intel data points: IP Risk Snapshot, Anonymizer Confidence, Anonymizer Provider Name, and Network Last Seen.

✔️Added support and Insights for the IsQuotedTextChanged MAPI property for body content change detection.

✔️Improvements to sender IP detection.

✔️Numerous other performance and user experience improvements.

🌐Project Compatibility Level: 2.2.472

⬆️Upgrade Compatibility Level: 2.1.7.0

🔥Added a new export option to export email attachments separately.

🔥PDF export can now be configured to have the attachments of the emails embedded in the output PDFs.

✔️Support for Proton Mail and Tuta emails, including MIME boundary and Message-ID detection and Insights.

✔️Improvements to Mbox parsing.

✔️Added new DKIM & ARC keys to Supercache.

✔️Numerous other performance and user experience improvements.

🌐Project Compatibility Level: 2.2.472

⬆️Upgrade Compatibility Level: 2.1.7.0

Read Release Notes

🔥SPF — Implemented Sender Policy Framework verification.

🔥BIMI — Added Brand Indicators for Message Identification record lookup and logo display to Domain Intel.

✔️Domain Intel and IP Intel views now contain a list of domains / IPs for context.

✔️New Insights and sender IP detection based on additional MAPI properties and MIME headers.

💡Switched map tile provider in IP Intelligence View to accommodate Microsoft changes.

✔️Improvements to IP parsing in Trace View.

✔️Clicking on items in Trace View now copies them to clipboard.

✔️New Insight for inner MIME boundaries.

✔️Improvements to WHOIS lookups.

✔️Added new DKIM & ARC keys to Supercache.

✔️Added new Google Workspace MX record for email provider detection.

✔️Added new Insight regarding delivery address vs. header participants mismatch.

✔️Added definitions and Insights for more MIME headers.

✔️Improvements to MIME structure navigation.

✔️Numerous other performance and user experience improvements.

🌐Project Compatibility Level: 2.2.472

⬆️Upgrade Compatibility Level: 2.1.7.0

🔥Trace View—Added a new tab to FEI Viewer that visualizes Received headers, where available.

✔️Improved detection of private or reserved IPv6 addresses.

✔️Improved parsing timestamps of malformed Received headers.

✔️Load performance improvements when navigating between items.

✔️Hardening against unexpected incomplete responses from Emailrep API.

✔️Numerous other performance and user experience improvements.

🌐Project Compatibility Level: 2.1.14.6

⬆️Upgrade Compatibility Level: 2.1.7.0

Read Release Notes

🔥Added the option to compare MAPI properties of MAPI items side by side—including differential analysis.

🔥It is now possible to batch export MAPI properties of items on the Evidence Grid.

✔️Added description for PR_LAST_VERB_EXECUTED.

✔️MAPI View now allows exporting the MAPI properties of an individual item.

✔️Added support for timestamps represented in Ticks.

✔️Export manifest now includes item flags.

✔️Performance improvements when displaying very large MAPI properties.

✔️Numerous other performance and user experience improvements.

🌐Project Compatibility Level: 2.1.14.6

⬆️Upgrade Compatibility Level: 2.1.7.0

🔥When opening older projects, FEI now offers the option to upgrade the project structure to that of the current version that is opening the project.

🌐Project Compatibility Level: 2.1.14.6

⬆️Upgrade Compatibility Level: 2.1.7.0

✔️Improvements to S/MIME signature verification for MAPI messages.

✔️Improvements to PST export.

✔️Adjusted the visibility of the search query history button in dark mode.

🌐Project Compatibility Level: 2.1.14.6

🔥Added aggregate data panels to display and query domains and IP addresses at the project level.

✔️Added two new index fields to enable searching of the X-Originating-IP and X-Mailer headers directly.

✔️Improved support for ingesting PST/OST files with the read-only file system attribute set.

✔️Numerous other performance and user experience enhancements.

🌐Project Compatibility Level: 2.1.14.6

🔥Added support for S/MIME and OpenPGP decryption and signature verification.

✔️Extended export options to include exporting decrypted versions of emails where applicable.

✔️Timestamps View has been extended to include timestamps from digital signature certificates.

✔️Insights have been extended to cover decryption and digital signature verification.

✔️Renamed the "Red Flags" column to "Markers" and added markers to include the signature and encryption status of emails.

✔️Improvements to the display of extended participant information.

✔️Numerous other performance and user experience enhancements.

🌐Project Compatibility Level: 2.1.7.0