We just had an internal vulnerability scan done. The company used a Qualys appliance and the report showed three entries on my Zimbra server.

"SSL Server Allows Anonymous Authentication Vulnerability"

It is listing ports 25, 465, 587 as the offending services.

I have an Ubuntu 8.04 server out-of-the-box installation running a similarly basic Zimbra installation. I know those ports are SMTP related but not sure how to resolve the errors if they can even be resolved. I don't really use the mail side of Zimbra that much. We mostly wanted the caledar feature. But on occasion I scan something with our network copier and email it to my zimbra account. So that feature is nice.

I am by no means a Linux guru so newbie style instructions would be nice.

Thank you for any help offered.