> Is your server clock correct?
> Could you check, if you can reproduce problem with SELinux set to permissive mode?
> Could you check if '4. General settings -> 16. Only secure cookies if poss.
> -> false' solves it?
> Could you check your webserver logs and make sure that browsers don't try to fetch signout.php or index.php without users clicking
> on signout link or knowingly entering your webmail login page?
Server clock is correct and syncing via NTP to an onsite server (as almost all our servers do).
Already tried setting "Only secure cookies" to false and that had no effect