Nessus reported the following threat from Zimbra. Does anyone know how to correct?

Thanks.

Summary:
SSL Anonymous Cipher Suites Supported

Risk: High (3)
Type: Nessus
Port: 465
Protocol: TCP
Threat ID: 131705

Information From Target:
The remote server supports the following anonymous SSL ciphers :

ADH-DES-CBC3-SHA Kx=DH Au=None Enc=3DES(168) Mac=SHA1
ADH-RC4-MD5 Kx=DH Au=None Enc=RC4(128) Mac=MD5
ADH-DES-CBC3-SHA Kx=DH Au=None Enc=3DES(168) Mac=SHA1
ADH-AES128-SHA Kx=DH Au=None Enc=AES(128) Mac=SHA1
ADH-AES256-SHA Kx=DH Au=None Enc=AES(256) Mac=SHA1
ADH-CAMELLIA128-SHA Kx=DH Au=None Enc=Camellia(128) Mac=SHA1
ADH-CAMELLIA256-SHA Kx=DH Au=None Enc=Camellia(256) Mac=SHA1
ADH-RC4-MD5 Kx=DH Au=None Enc=RC4(128) Mac=MD5
n/a Kx=DH Au=None Enc=SEED(128) Mac=SHA1

The fields above are :

{OpenSSL ciphername}
Kx={key exchange}
Au={authentication}
Enc={symmetric encryption method}
Mac={message authentication code}
{export flag}

Solution:
Reconfigure the affected application if possible to avoid use of weak
ciphers.


Details:

The remote host supports the use of anonymous SSL ciphers. While this enables an administrator to set up a service that encrypts traffic without having to generate and configure SSL certificates, it offers no way to verify the remote host's identity and renders the service vulnerable to a man-in-the-middle attack.