Hi,
You are right, but given that I'm analysng a Windows
post-mortem filesystem from a GNU/Linux enviroment is
difficult to execute a Windows-native scanner. Maybe should I
change my analysis enviroment (from GNU/Linux - Windows :)
Have a look at:
http://alioth.debian.org/projects/libpst/
I would guess that your best bet is going for a scanner (actually,
scanners I
you want to do a thorough job) that has Windows as its
native platform
(ClamAV is designed for *nix) and doing it from a Windows
environment
(which
would allow you to use the MAPI-interface to scan
