I use AquaMail on an Android 4.4.2 device to connect to a private postfix server via SSL. While reviewing my server's logs I noticed that connections originating from AquaMail are using TLSv1 with cipher RC4-MD5. RC4 and MD5 are considered quite weak ciphers these days, and I was surprised to see them in use. This is not a limitation of my server, as I can see traffic coming from other third party servers as well as my other clients using much stronger encryption (DHE-RSA-AES256-SHA, ECDHE-RSA-RC4-SHA, ECDHE-RSA-AES256-GCM-SHA384...).
I haven't found anywhere in AquaMail where these encryption parameters are configurable. Is it a known limitation that AquaMail doesn't support stronger encryption, or is the app failing to negotiate the ideal ciphers for some reason?
