vulnerability
I'm going to try this a fourth time without getting closed. Please keep the discussion in the case. I jump locations and it's hard to keep up with a phone.
We need this vulnerability solved. It's a 2022 CVE so it should have been addressed prior to inventory going out.
Details: A recent vulnerability scan from Trace Security found the following. It affects the T42G/S, T33G, CP925, WF50. This was scanned in July 2024.

Vulnerability: Diffie-Hellman Ephemeral Key Exchange DoS Vulnerability (SSL/TLS, D(HE)ater)

The remote SSL/TLS server is supporting Diffie-Hellman ephemeral (DHE) Key Exchange (KEX) algorithms and thus could be prone to a denial of service (DoS) vulnerability.

Remediation:
- DHE key exchange should be disabled if no other mitigation mechanism can be used and either elliptic-curve variant of Diffie-Hellman (ECDHE) or RSA key exchange is supported by the clients. The fact that RSA key exchange is not forward secret should be considered.
- Limit the maximum number of concurrent connections in e.g. the configuration of the remote server. For Postfix this limit can be configured via the 'smtpd_client_new_tls_session_rate_limit' option, for other products please refer to the manual of the product in question on configuration possibilities.
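An added example, not part of the original post or the scan report: a small triage script that applies the remediation text above to the cipher suites a scanner lists per host. The host labels and suite lists are constructed sample data, and the function names and action labels are hypothetical.

```python
# Added example: map each offered cipher suite to its key exchange family and
# pick the remediation from the scan text. Accepts OpenSSL and IANA suite names.
OTHER_PREFIXES = ("ECDH_", "AECDH_", "ADH_", "DH_", "PSK_", "RSA_PSK_", "SRP_", "KRB5_")

def key_exchange(suite):
    """Return 'DHE', 'ECDHE', 'RSA', 'TLS1.3' or 'OTHER' for a suite name."""
    s = suite.strip().upper().replace("-", "_")
    if s.startswith("TLS_"):
        if "_WITH_" not in s:
            # TLS 1.3 names carry no key exchange; it is negotiated via groups.
            return "TLS1.3"
        s = s[4:]
    if s.startswith("EXP_"):          # legacy export-grade prefix in OpenSSL names
        s = s[4:]
    if s.startswith(("ECDHE_", "EECDH_")):
        return "ECDHE"
    if s.startswith(("DHE_", "EDH_")):
        return "DHE"
    if s.startswith(OTHER_PREFIXES):
        return "OTHER"
    return "RSA"                      # OpenSSL omits the prefix for RSA key exchange

def triage(offered):
    """Return (action, dhe_suites) for one host's offered suites."""
    families = {key_exchange(s) for s in offered}
    dhe = sorted(s for s in offered if key_exchange(s) == "DHE")
    if not dhe:
        return "ok", dhe
    if "ECDHE" in families:
        return "disable-dhe", dhe                      # forward secrecy is kept
    if "RSA" in families:
        return "disable-dhe-no-forward-secrecy", dhe   # RSA kex is not forward secret
    return "rate-limit-connections", dhe               # DHE is the only usable kex

# Constructed sample input: host labels and suites are illustrative only.
SCAN = {
    "host-a": ["ECDHE-RSA-AES128-GCM-SHA256", "DHE-RSA-AES256-GCM-SHA384", "AES128-SHA"],
    "host-b": ["TLS_DHE_RSA_WITH_AES_128_CBC_SHA", "TLS_RSA_WITH_AES_128_CBC_SHA"],
    "host-c": ["DHE-RSA-AES256-SHA", "EDH-RSA-DES-CBC3-SHA"],
    "host-d": ["ECDHE-RSA-AES256-GCM-SHA384", "TLS_AES_128_GCM_SHA256"],
}

if __name__ == "__main__":
    for host, suites in SCAN.items():
        action, dhe = triage(suites)
        print(f"{host}: {action} {dhe}")
```

The check only looks at what the server offers; whether clients actually support ECDHE or RSA key exchange, as the remediation requires, still has to be confirmed separately.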
