I believe I've run into a bug. I tried to provide someone I know with a free email address on my server. The server is GMT-5 and the individual lives in GMT-7.
The issue is they fail to successfully login because their session immediately expires, confirmed in developer tools in the browser. Effectively, roundcube issues "roundcube_sessionauth" cookies which are already expired outside the servers timezone.
I would be fine configuring a timeout that's 1 day out to get around this bug but I'm not seeing such an option in the configurations.
Any help?