diff --git a/plugins/krb_authentication/krb_authentication.php b/plugins/krb_authentication/krb_authentication.php
index 00a323fd3..f0c252c48 100644
--- a/plugins/krb_authentication/krb_authentication.php
+++ b/plugins/krb_authentication/krb_authentication.php
@@ -24,6 +24,7 @@ class krb_authentication extends rcube_plugin
         $this->add_hook('authenticate', array($this, 'authenticate'));
         $this->add_hook('login_after', array($this, 'login'));
         $this->add_hook('storage_connect', array($this, 'storage_connect'));
+	$this->add_hook('managesieve_connect', array($this, 'managesieve_connect'));
     }
 
     /**
@@ -106,4 +107,20 @@ class krb_authentication extends rcube_plugin
 
         return $args;
     }
+
+
+    /**
+     * managesieve_connect hook handler
+     */
+    function managesieve_connect($args)
+    {
+	if ((!isset($args['auth_type']) || $args['auth_type'] == 'GSSAPI') && !empty($_SERVER['REMOTE_USER']) && !empty($_SERVER['KRB5CCNAME'])) {
+            $rcmail  = rcmail::get_instance();
+            $context = $rcmail->config->get('krb_authentication_context');
+	    $args['gssapi_context'] = $context ?: 'imap/kolab.example.org@EXAMPLE.ORG';
+	    $args['gssapi_cn'] = $_SERVER['KRB5CCNAME'];
+	    $args['auth_type'] = 'GSSAPI';
+	}
+	return $args;
+    }
 }
diff --git a/plugins/managesieve/Changelog b/plugins/managesieve/Changelog
index 7bb5883fe..e63820dc7 100644
--- a/plugins/managesieve/Changelog
+++ b/plugins/managesieve/Changelog
@@ -1,3 +1,4 @@
+- Added GSSAPI support(#5779) - requires updated Net_Sieve class
 - Added option managesieve_default_headers
 - Added option managesieve_forward to enable settings dialog for simple forwarding (#6021)
 - Support filter action with custom IMAP flags (#6011)
diff --git a/plugins/managesieve/lib/Roundcube/rcube_sieve.php b/plugins/managesieve/lib/Roundcube/rcube_sieve.php
index 0cc8769d0..01b52319f 100644
--- a/plugins/managesieve/lib/Roundcube/rcube_sieve.php
+++ b/plugins/managesieve/lib/Roundcube/rcube_sieve.php
@@ -62,7 +62,8 @@ class rcube_sieve
      */
     public function __construct($username, $password='', $host='localhost', $port=2000,
         $auth_type=null, $usetls=true, $disabled=array(), $debug=false,
-        $auth_cid=null, $auth_pw=null, $options=array())
+        $auth_cid=null, $auth_pw=null, $options=array(), $gssapi_principal=null,
+	$gssapi_cname=null)
     {
         $this->sieve = new Net_Sieve();
 
@@ -70,6 +71,14 @@ class rcube_sieve
             $this->sieve->setDebug(true, array($this, 'debug_handler'));
         }
 
+	if (isset($gssapi_principal)) {
+	    $this->sieve->setServicePrincipal($gssapi_principal);
+	}
+
+	if (isset($gssapi_cname)) {
+	    $this->sieve->setServiceCN($gssapi_cname);
+	}
+
         $result = $this->sieve->connect($host, $port, $options, $usetls);
 
         if (is_a($result, 'PEAR_Error')) {
diff --git a/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php b/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php
index d3e096c65..12e8a0074 100644
--- a/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php
+++ b/plugins/managesieve/lib/Roundcube/rcube_sieve_engine.php
@@ -195,7 +195,7 @@ class rcube_sieve_engine
             'debug'     => $this->rc->config->get('managesieve_debug', false),
             'auth_cid'  => $this->rc->config->get('managesieve_auth_cid'),
             'auth_pw'   => $this->rc->config->get('managesieve_auth_pw'),
-            'socket_options' => $this->rc->config->get('managesieve_conn_options'),
+            'socket_options' => $this->rc->config->get('managesieve_conn_options')
         ));
 
         // Handle per-host socket options
@@ -213,7 +213,9 @@ class rcube_sieve_engine
             $plugin['debug'],
             $plugin['auth_cid'],
             $plugin['auth_pw'],
-            $plugin['socket_options']
+            $plugin['socket_options'],
+            $plugin['gssapi_context'],
+            $plugin['gssapi_cn']
         );
 
         $error = $this->sieve->error();