I would like to use SMTPS for both incoming and outgoing emails on port 25. Incoming appear to be Ok, Outgoing does not work. Telnet port 25 test shows Zimbra advertises 250 - STARTTLS and this is confirmed for incoming emails.

I am testing my domain for SMTP TLS with TLS Tests and Tools and incoming works well as per this result:
MX Server Pref Connect Allowed Can Use TLS Adv Cert Ok TLS Neg Sndr OK Rcvr OK

The cert fails because it is self signe.

When I test outgoing connection if fails, error message below:
run on 2013-11-04
16:14:02 EST.
Original email Subject: ytifusdtzi3a4

Sorry, your
TestSenderAssureTLS test FAILED.

TestSenderAssureTLS WAS ABLE to receive
your TSL-only mail insecurely.

There is not much information on how to setup SMTP TLS but I found these instructions for Zimbra 7+ (PLEASE FIX THE FORUMS SO WE CAN SEARCH FOR RESULTS BY ZIMBRA VERSION):

My certificate is self-signed and the incoming indicates that it works. The Host name is different to the certificate (cert=webmail.<DOMAIN> where-as host is mail.<DOMAIN>) so maybe that is the problem, but same cert is used for webmail and port 25 traffic, so not sure how to fix this.
If anyone has any more ideas on how to get Zimbra to use STARTTLS on outgoing emails, it would be great to know.