The RC4 ciphers are considered to be weak and easily broken. These steps will show you how to disable them in IMail.
- Get and install the latest OpenSSL DLLs from http://ipswitchmsg.force.com/kb/articles/FAQ/OpenSSL-Vulnerability-Fixes?retURL=%2Fkb%2Fapex%2FknowledgeHome&popup=false if you the version of IMail does not contain them already.
- Go to https://mozilla.github.io/server-side-tls/ssl-config-generator/.
- You will see two sets of radio buttons.
- Select Apache for the first set and Intermediate for the second.
- In the box below look for SSLCipherSuite.
- Copy only the long string that follows it.
- Open regedit and make a backup of HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Ipswitch\IMail\ssl if you're on a 64 bit OS or HKEY_LOCAL_MACHINE\SOFTWARE\Ipswitch\IMail\ssl if you're on a 32 bit OS.
- Under the SSL key Make a new REG_SZ type named CipherStrings. Set the value to the string you copied in step 2.
- Restart your SMTP,Queue Manager, POP, and IMAP services.
To remove the RC4 ciphers in IIS, see this kb article