[horde] remove session in redis or memcache

Arjen de Korte arjen+horde at de-korte.org
Fri Sep 23 13:44:52 UTC 2016 

Citeren Frank Richter <frank.richter at hrz.tu-chemnitz.de>:

> Am 23.09.2016 um 14:36 schrieb Diego D'Angelo:
>>
>> ----- Mensaje de Arjen de Korte <arjen+horde at de-korte.org> ---------
>> Fecha: Fri, 23 Sep 2016 13:10:52 +0200
>>    De: Arjen de Korte <arjen+horde at de-korte.org>
>> Asunto: Re: [horde] remove session in redis or memcache
>>  Para: horde at lists.horde.org
>>
>>
>>> Citeren Frank Richter <frank.richter at hrz.tu-chemnitz.de>:
>>>
>>>> Am 22.09.2016 um 15:39 schrieb Jan Schneider:
>>>>>
>>>>> Zitat von Diego D'Angelo <ddangel0 at rosario.gov.ar>:
>>>>>
>>>>>> Hello, i'm using redis server in sessionhandler, everything is  
>>>>>> working very nice.
>>>>>> I want to know is there a way to remove one session in redis o  
>>>>>> memcache without removing all the sessions.
>>>>>>
>>>>>> i know that if i execute the command "horde-clear-cache", the  
>>>>>> script will remove all the data cached (included sessions).
>>>>>>
>>>>>> if i go to https://www.url/horde/admin/sessions.php i see the  
>>>>>> list of all sessions, how can i delete one of these sessions?  
>>>>>> is posible in redis or memcache ?
>>>>>
>>>>> The API is there, there just no place where it is used (besides  
>>>>> internally from the PHP session module).
>>>>>
>>>>
>>>> I added this functionality to the horde-active-sessions script.  
>>>> Sadly, we need it to kill asession, when an account is abused to  
>>>> send Spam.
>>>
>>> If this is a frequently occurring problem, capping the number of  
>>> messages an account can send per hour/day/week can limit the  
>>> damage that is done. See the 'max_timelimit' and 'max_recipients'  
>>> values in the permissions for IMP.
>>>
>>> While this won't prevent compromised accounts from sending spam  
>>> through your system, it will at least contain it. When users hit  
>>> this limit, this could trigger an action to verify if they have a  
>>> legitimate reason (in which case the limit for that individual can  
>>> be raised) or to not (in which case the account should can be  
>>> suspended).
>>
>> interesting value is max_timelimit but i can't find where should i set.
>
> It's in Administration → Permissions;: Add permission for Mail  
> (imp), then add „Maximum Number of Recipients per Time Period  
> (max_timelimit)“
> Can somebody explain what's the meaning of this value – what is the  
> time period?

The time period is configurable. See the 'Compose Log' tab in  
<yourserver>/admin/config/config.php?app=imp

> Regards,
> Frank

More information about the horde mailing list