This recipe requires the installation of the libpff, and its Python bindings, pypff, to function. Available on GitHub, this library provides tools, and Python bindings, to handle and extract data from PST files. We will set up this library in Ubuntu 16.04 with bindings for Python 2 for ease of development. This library can be built for Python 3 as well, though we will use the Python 2 bindings for this section.

We must install a number of dependencies before installing the required library. Using the Ubuntu apt package manager, we will install the following eight packages. You may want to keep this Ubuntu environment handy as we will use it extensively Chapter 8, Working with Forensic Evidence Container Recipes and onwards:

sudo apt-get install automake autoconf libtool pkg-config autopoint git python-dev

With the dependencies installed, navigate to the GitHub repository and download the desired release for the library. This recipe was developed using the libpff-experimental-20161119 release of the pypff library. Next, once the contents of the release are extracted, open a terminal and navigate to the extracted directory and execute the following commands for the release:

./synclibs.sh
./autogen.sh
sudo python setup.py install 

Lastly, we can check the library installation by opening a Python interpreter, importing pypff, and running the pypff.get_version() method to ensure we have the correct release version.