I have dovecot running as a pop3s server on port 995

it works great with sendmail and I run nessus to check security issues nessus reports this The SSLv2 server offers 3 strong ciphers, but also 0 medium strength and 2 weak "export class" ciphers. The weak/medium ciphers may be chosen by an export-grade or badly configured client software. They only offer a limited protection against a brute force attack

Solution: disable those ciphers and upgrade your client software if necessary

I have previously disabled weak ciphers in apache but cannot figure out how to disable the weak ciphers in dovecot Any help would be appreciated

john