This kb article may give some insight on how to best order your ciphers, but it appears that you want a balance between the most commonly implemented ciphers in the industry and speed/security.
How to configure which protocols and ciphers to select on an Email Security Appliance (ESA)
http://tinyurl.com/2z4bpx
Has anyone changed sslconfig Inbound/Outbound ciphers from the default (RC4-SHA:RC4-MD5:ALL) to something else? (NOTE: We are looking to adding DHE-RSA-AES-256-SHA as our number 1 choice.) Was there any added overhead when you made this change? If so how much?
Lastly, we have Preferred TLS set as the default connection type.