Receive Connector Authentication Mechanisms

Applies to: Exchange Server 2013

Topic Last Modified: 2012-10-16

The Receive connector authentication mechanisms are the following:

Authentication mechanism	Description
None	No authentication.
TLS	Advertise STARTTLS. Requires availability of a server certificate to offer TLS.
Integrated	NTLM and Kerberos (Integrated Windows authentication).
BasicAuth	Basic authentication. Requires an authenticated logon.
BasicAuthRequireTLS	Basic authentication over TLS. Requires a server certificate.
ExchangeServer	Exchange Server authentication (Generic Security Services application programming interface (GSSAPI) and Mutual GSSAPI).
ExternalAuthoritative	The connection is considered externally secured by using a security mechanism that's external to Exchange. The connection may be an Internet Protocol security (IPsec) association or a virtual private network (VPN). Alternatively, the servers may reside in a trusted physically controlled network. The `ExternalAuthoritative` authentication method requires the `ExchangeServers` permission group. This combination of authentication method and security group permits the resolution of anonymous sender email addresses for messages that are received through this connector.