A vulnerability scan was run against our Zimbra server and it showed that we were vulnerable to BEAST attack.

On other servers (Apache/OpenSSL) I am able to mitigate this by setting the cipher order. On Zimbra, I can set the cipher suite but I haven't found any documentation on how to set the order.

Can this be done? If not, how can BEAST be mitigated for Zimbra?

Regards,
Moe