SSL Server Allows Anonymous Authenticaion Vulnerability
We just had an internal vulnerability scan done. The company used a Qualys appliance and the report showed three entries on my Zimbra server.
"SSL Server Allows Anonymous Authentication Vulnerability"
It is listing ports 25, 465, 587 as the offending services.
I have an Ubuntu 8.04 server out-of-the-box installation running a similarly basic Zimbra installation. I know those ports are SMTP related but not sure how to resolve the errors if they can even be resolved. I don't really use the mail side of Zimbra that much. We mostly wanted the caledar feature. But on occasion I scan something with our network copier and email it to my zimbra account. So that feature is nice.
I am by no means a Linux guru so newbie style instructions would be nice.
Thank you for any help offered.