Wednesday , February 19 2020

Disabling AuthGSSAPI on Receive Connector of Exchange Server

Submitting Messages on Port 587 from F5 SMTP Mailer failing with AUTH GSSAPI Remote(SocketError)

when i bypass F5 load balancer its submitting messages directly to the exchange server without any issues.


When i am submitting via F5 . I can see its initiating AUTH GSSAPI protocol from the listed supported protocols and fails to Submit the Message.

Default log location


2019-08-19T08:38:51.744Z,EXCH1\Client Frontend EXCH1,234255E01EE2EF03,2,,,<,EHLO F5DMZ, 2019-08-19T08:38:51.744Z,EXCH1\Client Frontend EXCH1,234255E01EE2EF03,3,,,>,250 Hello [] SIZE 37748736 PIPELINING DSN ENHANCEDSTATUSCODES STARTTLS AUTH GSSAPI NTLM 8BITMIME BINARYMIME CHUNKING,
2019-08-19T08:38:51.746Z,EXCH1\Client Frontend EXCH1,234255E01EE2EF03,4,,,<,AUTH GSSAPI, 2019-08-19T08:38:51.747Z,EXCH1\Client Frontend EXCH1,234255E01EE2EF03,5,,,>,334 ,
2019-08-19T08:38:52.797Z,EXCH1\Client Frontend EXCH1,234255E01EE2EF03,6,,,-,,Remote(SocketError)

Disabled GSSAPI from Listed Available Protocols – Setting EnableAuthGSSAPI to $false

Set-ReceiveConnector "EXCH1\Client Frontend EXCH1" -EnableAuthGSSAPI $false

To Check 

Get-ReceiveConnector "EXCH1\Client Frontend EXCH1" | fl *binding*,*GSS*

Applied the same for all members in the pool of Exchange Servers

Once Disabled. It submitted the message without any issues.

To Revert Back –

Set-ReceiveConnector "EXCH1\Client Frontend EXCH1" -EnableAuthGSSAPI $true


About Satheshwaran Manoharan

Satheshwaran Manoharan is an Microsoft Office Server and Services MVP , Publisher of Specialized in Office365 / Microsoft Exchange / Virtualization , Sathesh is an Messaging Expert supporting/Designing/Deploying many medium size businesses to large enterprises when it comes to Corporate messaging and Virtualization Infrastructure

Check Also

Implementing DKIM in IronPort

Lets see how to Implement DKIM Signing using IronPort. You need to enable signing for …

Leave a Reply

Your email address will not be published.