I was searching around, since it has been a while since I’ve worked at this level with sessions and the gist of it is:
session lifetime = 0 means remove cookie after browser is closed
session lifetime < 0 means remove cookie right now
session lifetime > 0 means remove cookie after int seconds
This is valid for everything, gorilla/sessions, php, you name it
Long story short, I contacted them on Facebook. I had not once received any spam on Facebook, ever.
A few minutes after I contacted them I received Nigera Spam on Facebook.
Careful. I would advise to not use their „service“.
Their business plan is to get ahold of email addresses and sell them to spammers or use them to send spam themselves.
They do this with their Drupal and WordPress modules.