[horde] remove session in redis or memcache

Frank Richter frank.richter at hrz.tu-chemnitz.de
Fri Sep 23 13:35:02 UTC 2016


Am 23.09.2016 um 14:36 schrieb Diego D'Angelo:
>
> ----- Mensaje de Arjen de Korte <arjen+horde at de-korte.org> ---------
>  Fecha: Fri, 23 Sep 2016 13:10:52 +0200
>     De: Arjen de Korte <arjen+horde at de-korte.org>
> Asunto: Re: [horde] remove session in redis or memcache
>   Para: horde at lists.horde.org
>
>
>> Citeren Frank Richter <frank.richter at hrz.tu-chemnitz.de>:
>>
>>> Am 22.09.2016 um 15:39 schrieb Jan Schneider:
>>>>
>>>> Zitat von Diego D'Angelo <ddangel0 at rosario.gov.ar>:
>>>>
>>>>> Hello, i'm using redis server in sessionhandler, everything is working 
>>>>> very nice.
>>>>> I want to know is there a way to remove one session in redis o 
>>>>> memcache without removing all the sessions.
>>>>>
>>>>> i know that if i execute the command "horde-clear-cache", the script 
>>>>> will remove all the data cached (included sessions).
>>>>>
>>>>> if i go to https://www.url/horde/admin/sessions.php i see the list of 
>>>>> all sessions, how can i delete one of these sessions? is posible in 
>>>>> redis or memcache ?
>>>>
>>>> The API is there, there just no place where it is used (besides 
>>>> internally from the PHP session module).
>>>>
>>>
>>> I added this functionality to the horde-active-sessions script. Sadly, 
>>> we need it to kill asession, when an account is abused to send Spam.
>>
>> If this is a frequently occurring problem, capping the number of messages 
>> an account can send per hour/day/week can limit the damage that is done. 
>> See the 'max_timelimit' and 'max_recipients' values in the permissions 
>> for IMP.
>>
>> While this won't prevent compromised accounts from sending spam through 
>> your system, it will at least contain it. When users hit this limit, this 
>> could trigger an action to verify if they have a legitimate reason (in 
>> which case the limit for that individual can be raised) or to not (in 
>> which case the account should can be suspended).
>
> interesting value is max_timelimit but i can't find where should i set.

It's in Administration → Permissions;: Add permission for Mail (imp), then 
add „Maximum Number of Recipients per Time Period (max_timelimit)“
Can somebody explain what's the meaning of this value – what is the time period?

Regards,
Frank

-- Frank Richter
Chemnitz University of Technology
Germany


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5453 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.horde.org/archives/horde/attachments/20160923/016ae024/attachment-0001.bin>


More information about the horde mailing list