This post is old. the information is not kept up-to-date. for the current best-practice, including how to disable sslv2, please see this post
This is something that comes up all the time when clients are having PCI compliance scans done on their servers, or when checking your score on ssl labs
Disable sslv2, sslv3
qmail, by default, allows SSLv2 to be used.