You sound like you’re opening up a world of hurt here for yourself.
Even that snapshot you posted says there are only 80 ‘holes’, whatever that means.
fwiw, I would hazard a guess that you can throw out 30 to 50 of those 80 simply by tightening up your ssl conf to have your server not offer up insecure ciphers on all the various services it serves.
Here’s an example of a scan against a plain mail and web nethserver showing what I mean, from, I’ll point out, a scanner that’s not built to stress fud as the basis for selling fix it services.
