I've installed

grep PRETTY /etc/os-release
	PRETTY_NAME="Fedora 32 (Server Edition)"
dovecot --version
	2.3.10.1 (a3d0e1171)
openssl version
	OpenSSL 1.1.1g FIPS  21 Apr 2020

iiuc, Dovecot has apparently had support for setting TLS 1.3 ciphersuites since v2.3.9, per this commit

lib-ssl-iostream: Support TLSv1.3 ciphersuites
 https://github.com/dovecot/core/commit/8f6f04eb21276f28b81695dd0d3df57c7b8f43e4

checking openssl

rpm -ql openssl-devel-1.1.1g-1.fc32.x86_64 | grep -i ciphersuites
	/usr/share/man/man3/SSL_CTX_set_ciphersuites.3ssl.gz
	/usr/share/man/man3/SSL_set_ciphersuites.3ssl.gz

man SSL_set_ciphersuites
	...
	SSL_set_cipher_list() sets the list of ciphers (TLSv1.2 and below) only for ssl.

	SSL_CTX_set_ciphersuites() is used to configure the available TLSv1.3 ciphersuites for ctx. This is a simple colon
	(":") separated list of TLSv1.3 ciphersuite names in order of preference. Valid TLSv1.3 ciphersuite names are:

	TLS_AES_128_GCM_SHA256
	TLS_AES_256_GCM_SHA384
	TLS_CHACHA20_POLY1305_SHA256
	TLS_AES_128_CCM_SHA256
	TLS_AES_128_CCM_8_SHA256

	An empty list is permissible. The default value for the this setting is:

	"TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256"

	SSL_set_ciphersuites() is the same as SSL_CTX_set_ciphersuites() except it configures the ciphersuites for ssl.
	...

checkin in dovecot tag 2.3.10.1's src,

m4/ssl.m4 (m4)
	...
	AC_CHECK_LIB(ssl, SSL_CTX_set_ciphersuites, [
	AC_DEFINE(HAVE_SSL_CTX_SET_CIPHERSUITES,, [Build with SSL_CTX_set_ciphersuites() support])
	],, $SSL_LIBS)
	...

and,

src/lib-ssl-iostream/iostream-openssl.c

	...
	#ifdef HAVE_SSL_CTX_SET_CIPHERSUITES
			if (set->ciphersuites != NULL &&
			strcmp(ctx_set->ciphersuites, set->ciphersuites) != 0) {
			if (SSL_set_ciphersuitesl(ssl_io->ssl, set->ciphersuites) == 0) {
				*error_r = t_strdup_printf(
					"Can't set ciphersuites to '%s': %s",
					set->ciphersuites, openssl_iostream_error());
				return -1;
			}
		}
	#endif
	...

suggests that ciphersuite support exists.

bug, checking in

./src/lib-master/master-service-ssl.c

	...
	void master_service_ssl_ctx_init(struct master_service *service)
	{
		const struct master_service_ssl_settings *set;
		struct ssl_iostream_settings ssl_set;
		const char *error;

		if (service->ssl_ctx_initialized)
			return;
		service->ssl_ctx_initialized = TRUE;

		/* must be called after master_service_init_finish() so that if
		initialization fails we can close the SSL listeners */
		i_assert(service->listeners != NULL || service->socket_count == 0);

		set = master_service_ssl_settings_get(service);
		if (strcmp(set->ssl, "no") == 0) {
			/* SSL disabled, don't use it */
			return;
		}

		i_zero(&ssl_set);
		ssl_set.min_protocol = set->ssl_min_protocol;
		ssl_set.cipher_list = set->ssl_cipher_list;
		ssl_set.curve_list = set->ssl_curve_list;
		ssl_set.ca = set->ssl_ca;
	...

there's only mention of

set->ssl_cipher_list

, not

set->ssl_ciphersuites

or equivalent, afaict.

if in dovecot's 10-ssl.conf I set

ssl_cipher_list = ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256

• ssl_ciphersuites = TLS_CHACHA20_POLY1305_SHA256:TLS_AES_256_GCM_SHA384:TLS_AES_128_GCM_SHA256

on restart

journalctl -f -u dovecot
	-- Logs begin at Sun 2020-09-20 14:30:30 PDT. --
	Sep 23 18:28:42 mx.example.com dovecot[4269]: doveconf: Fatal: Error in configuration file /etc/dovecot/conf.d/10-ssl.conf line 92: Unknown setting: ssl_ciphersuites

_is_ setting TLS 1.3

ssl_ciphersuites =

in fact currently supported, and usage is wrong here^?