Morning all,

have a customer who ran a security scan on his servers via a 3rd party service. It produced a report and has flagged up an issue with the SSl cipher strength on port 993.

Here is the line in question:

“The remote service supports the use of weak SSL ciphers. Description : The remote host supports the use of SSL ciphers that offer either weak encryption or no encryption at all.”

The server in question is a Mac Mini Server running 10.6 Server using built in Mail service. It is set to require a certificate in order to read POP or IMAP mail. I have found various references to cipher strength for smtp and lmtp in postconfig, I found a couple of likely looking config files that turned out to be empty. Can anyone tell me if and how I can check and change the strength of the cipher being used for secure IMAP please?

Many thanks.