A white-hat hack against a server using Barracuda came back with the following report; hopefully this can feed into improving BOA's security. Recommendations are at the end.
Technical details:
The server was found to be using a self-signed SSL certificate for its SMTP service over TLS.
Vulnerabilities were also found with the host server using TLS/SSL, where this service permits clients to renegotiate connections. Performing this renegotiation a number of times could permit the client (an attacker) to open several connections simultaneously and repeatedly renegotiate, leading to a possible Denial of Service attack.
The remote server supports the use of RC4 in its cipher suites. The RC4 cipher is flawed in its generation of a pseudo-random stream of bytes, so that a wide variety of small biases are introduced into the stream, decreasing its randomness.
Recommendations possibly actionable for BOA scripts:
Disable SSL/TLS renegotiation.
Reconfigure the application to avoid use of RC4 ciphers.
Recommendations not actionable in BOA scripts:
Disable the SMTP Service if it is not being used or purchase a valid SSL certificate.
Comments
Comment #1
omega8cc commented: I don't think it was tested with any recent BOA server and csf/lfd enabled.
I would also recommend to test it with valid cert via https://www.ssllabs.com/ssltest/
See also: https://community.qualys.com/blogs/securitylabs/2013/03/19/rc4-in-tls-is...
That said, we could probably just close remote access to the Postfix server installed with Debian/Ubuntu defaults, since it is needed only for outgoing SMTP/sendmail.
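The two actionable points from the report (RC4 still allowed) and from this comment (Postfix reachable remotely when only local sendmail is needed), as an added example that is not BOA/Barracuda code: a small Python audit of a Postfix main.cf. The sample configs are constructed; the snakeoil certificate path is the Debian package default, the hardened cert path is a placeholder.

```python
"""Audit a Postfix main.cf for the findings in the report: RC4 still
allowed in the SMTP TLS cipher list, the Debian self-signed "snakeoil"
certificate still in use, and the daemon listening on all interfaces.
Example code written for this thread, not part of BOA/Barracuda."""
import re


def parse_main_cf(text):
    """Parse Postfix main.cf into a dict. Continuation lines start with
    whitespace and extend the value of the preceding parameter."""
    params, current = {}, None
    for raw in text.splitlines():
        if not raw.strip() or raw.lstrip().startswith("#"):
            continue
        if raw[0].isspace() and current:  # continuation line
            params[current] += " " + raw.strip()
            continue
        key, _, value = raw.partition("=")
        current = key.strip()
        params[current] = value.strip()
    return params


def audit(params):
    """Return a list of findings; an empty list means all checks pass."""
    findings = []
    excluded = {c.upper() for c in
                re.split(r"[,\s]+", params.get("smtpd_tls_exclude_ciphers", "")) if c}
    if "RC4" not in excluded:
        findings.append("RC4 not listed in smtpd_tls_exclude_ciphers")
    if params.get("smtpd_tls_cert_file", "").endswith("ssl-cert-snakeoil.pem"):
        findings.append("self-signed Debian snakeoil certificate in use")
    if params.get("inet_interfaces", "all").lower() != "loopback-only":
        findings.append("inet_interfaces is not loopback-only; SMTP reachable remotely")
    return findings


# Constructed sample configs: Debian-style defaults vs. a hardened version.
WEAK_CF = """
smtpd_tls_cert_file = /etc/ssl/certs/ssl-cert-snakeoil.pem
smtpd_use_tls = yes
inet_interfaces = all
"""

HARDENED_CF = """
smtpd_tls_cert_file = /etc/ssl/certs/mail.example.com.pem
smtpd_use_tls = yes
smtpd_tls_exclude_ciphers = aNULL, eNULL, EXPORT, DES,
    RC4, MD5, PSK, SRP
inet_interfaces = loopback-only
"""

if __name__ == "__main__":
    for name, cf in (("weak", WEAK_CF), ("hardened", HARDENED_CF)):
        print(name, audit(parse_main_cf(cf)) or ["ok"])
```

The weak sample produces all three findings; the hardened one produces none, with the RC4 exclusion surviving the continuation line.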
Comment #2
realityloop commented: I vote for closing remote access.
Comment #3
hyperglide commented: Can I get pointed in the right direction, where we can buy a certificate and properly add it to our BOA install? Ty.
Comment #4
omega8cc commented: Committed in:
http://drupalcode.org/project/barracuda.git/commit/61db393
http://drupalcode.org/project/barracuda.git/commit/2daec1b
Thanks for the suggestion!