We're running a PCI compliance scan on our server and it keeps failing on port 25 with this message:
SSL Server Supports Weak Encryption nCircle ID: 6174 Port: 25 CVSS Score: 5.8 Not Compliant Description The SSL (Secure Socket Layer) Server supports weak encryption keys, which are defined as encryption keys with lengths of less than 128 bits. Messages encrypted with weak encryption keys are relatively easy for an unauthorized user to decrypt.
So we're tried to modify it but nothing is working. Our web and IMAP ports are fine. Any help would be appreciated.