At the latest since “Heartbleed” and “Poodle” it should be clear that using SSL/TLS does not automatically mean “secure”. A secure encryption of services requires up-to-date SSL libraries (for example a current version of OpenSSL without the “Heartbleed” bug) as well as a secure configuration of the respective software (Apache, Dovecot, Postfix etc.).
“Poodle” has shown that SSL 3 can not be considered secure any longer and that you should use at least TLS 1.0 or better 1.1 oder 1.2. Also the choice of the cipher suites is important for security. Not every cipher suite allows forward secrecy (which means you can not decrypt recorded data later) and some of them are generally not secure any longer and should therefore not be used any more.