I've actually been seeing the same thing in 0.8.0 and was wondering if 0.8.1 fixes the issue. I guess not.
I (also) haven't been able to dig too far in to it but I can usually get the client to stop flooding us with requests by deleting the session for that client's IP address in the sessions table in the roundcube database. Anecdotally it seems like there's a lot of repeat offenders: a small number of users/client IPs generating most of the 403s. I personally suspect something strange on their machines but I haven't been able to recreate the problem myself to really investigate well.
We're RHEL6.3, Lighttpd 1.4.31, php 5.3.3 (fastcgi), dovecot 2.1.9. Plugins: 'login_info', 'newmail_notifier', 'quickrules', 'cas_authn_opt', 'messagesize', 'sieverules', 'listcommands', 'contextmenu', 'copymessage', 'emoticons', 'vcard_attachments', 'new_user_dialog', 'dovecot_impersonate', 'help', 'vcard_attach'.
David Warden
On Oct 1, 2012, at 11:47 AM, Arne Berglund aberglund@lesd.k12.or.us wrote:
All,
I've been running 0.8.1 in production since shortly after its release. Ever since moving from 0.7.2, my Apache logs are being flooded with "403 Forbidden" errors. A typical example is:
2xx.xx.xxx.xx - - [01/Oct/2012:06:24:22 -0700] "GET /webmail/?_task=mail&_action=keep-alive&_remote=1&_unlock=0&_=1349097860835 HTTP/1.1" 403 15
Any ideas what might be going on here? Of how to deal with it?
Environment: RHEL5, Apache 2.2.3, PHP 5.3
-- Arne Berglund System Administrator, Internet Services Lane Education Service District Eugene, OR ____________
Roundcube Users mailing list users@lists.roundcube.net http://lists.roundcube.net/mailman/listinfo/users