I don't have something lined up for a replacement. Company that acquired the one I work for has a preferred vendor but I haven't looked into it yet.
Right now if the host for the domain the email being sent to is not able to find a common protocol and cipher, the email still gets delivered via plain text connection. No encryption.
The server that connects to our SmarterMail server to relay the email requires TLS so it will either send to the server over a TLS connection or error on trying to connect. So that is not a problem as far as our applications are concerned. But it is out of compliance since I believe the connection would downgrade to unencrypted if there was a non-TLS connection made. So a plain text scan should pick that up.