When you run a mailcow hosted email server through the email server test on this web site it warns about a couple of things:
Key exchange parametersclose
Verdict:
At least one of your mail servers supports insufficiently secure parameters for Diffie-Hellman key exchange.
Technical details:
Mail server (MX) Affected parameters Security level
mail.hosteng.au. DH-2048 insufficient
Test explanation:
We check if the public parameters used in Diffie-Hellman key exchange by your receiving mail servers (MX) are secure.
and this one:
Verdict:
At least one of your mail servers supports one or more ciphers that have a phase out status, because they are known to be fragile and are at risk of becoming insufficiently secure.
Technical details:
Mail server (MX) First found affected cipher Status
mail.hosteng.au. AES256-GCM-SHA384 phase out
I have tried to find information on how to reconfgure the chiper sets mailcow supports but not been able to fix these warnings.
If anyone is able to help I would be grateful.