Back to Community Threads
2
Unable to disable/end sessions and not receiving reports via email.
Problem reported by Ujjaval Patel - 5/14/2018 at 5:55 AM
Submitted
On 15.7 (latest version). I stopped getting email reports about 8 months ago and I recently found out the ability to disable or end sessions for users is not working. 

7 Replies

Reply to Thread
1
Derek Curtis Replied
5/14/2018 at 4:48 PM
Employee Post
Hello, Ujjaval. I'm testing the email report issue you've mentioned, but I can confirm that ending user sessions when a user is logged in via the web works just fine. We have a 15.7 version installed in house for testing, and that does appear to work as expected. What is it you're trying to do, and what behavior is seen when you say that ending sessions "is not working"?
Derek Curtis COO SmarterTools Inc. (877) 357-6278 www.smartertools.com
0
Ujjaval Patel Replied
5/15/2018 at 5:45 AM
Hi Derek,

Both buttons are no action. I have used this feature in the past and it would boot the user right away. I have refreshed the page but the user is still visible and active. I can do a screen share if necessary.
0
Derek Curtis Replied
5/15/2018 at 7:56 AM
Employee Post
Ujjaval, if you use the browser's dev tools, are there any errors? Are these actual users you're seeing or are they "anonymous" users? Generally, anonymous users are those who are on the login page, but don't necessarily log in, so there's no session to end or no user to disable.
Derek Curtis COO SmarterTools Inc. (877) 357-6278 www.smartertools.com
0
Ujjaval Patel Replied
5/17/2018 at 8:04 AM
They are anonymous users. They are sitting on the login page for over 10 minutes and IP based in China, I suspect they are trying brute force and would like to end the session for them. I am getting an 500 Internal Sever Error. I can't paste a link to the screenshot, can I email it to you?
0
Derek Curtis Replied
5/17/2018 at 9:06 AM
Employee Post
Just because they sit on that page doesn't mean they're trying to login or brute force a login...that said, you can modify your mailConfig.xml and modify the length of the block and the retry attempts to kick them for an extended amount of time if they DO exceed the number of login attempts that's set. Realize if you do modify this setting, it affects anyone who tries to login to webmail, not just those with less than honest intentions.

you'll want to look for this in mailConfig.xml (around line 810):

<BruteForceSettings>
<LoginIsEnabled>True</LoginIsEnabled>
<LoginRetries>5</LoginRetries>
<LoginTimeout>10</LoginTimeout>
</BruteForceSettings>

LoginRetries is the number of attempts to occur before the block is enabled.
LoginTimeout is the number of MINUTES the block will be in effect
Derek Curtis COO SmarterTools Inc. (877) 357-6278 www.smartertools.com
0
Ujjaval Patel Replied
5/17/2018 at 10:53 AM
Thanks Derek, I will modify the file.
0
Ujjaval Patel Replied
5/25/2018 at 5:59 AM
What about email reports not being sent? Is there a fix for that?
Back to Community Threads

Reply to Thread

Related Knowledge Base Articles

Cannot Send Email MessagesSmarterMail > Troubleshooting
Cannot Receive Mail MessagesSmarterMail > Troubleshooting
Deploying Rspamd For Use With SmarterMailSmarterMail > Server Configuration and Management
Recommended SPAM SettingsSmarterMail > Antispam and Antivirus
SmarterTools Licensing InformationGeneral Topics