The old tcpwrap library still provides useful security-in-depth to servers. With systemd dropping its functionality, it falls to individual servers to protect themselves. Please consider respinning dovecot with BuildRequires: libwrap-devel and %configure --with-libwrap (PS. I tried but failed to run dovecot -login agents under xinetd, with ssl-related configuration errors from the exact same files that the systemd dovecot invocation uses successfully. So xinetd / tcpd wrapping of imap/pop3-login appear impossible now.)
dovecot-2.2.31-3.fc26 has been submitted as an update to Fedora 26. https://bodhi.fedoraproject.org/updates/FEDORA-2017-b767dd178b
dovecot-2.2.31-3.fc25 has been submitted as an update to Fedora 25. https://bodhi.fedoraproject.org/updates/FEDORA-2017-6bff5ec747
dovecot-2.2.31-3.fc25 has been pushed to the Fedora 25 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-6bff5ec747
dovecot-2.2.31-3.fc26 has been pushed to the Fedora 26 testing repository. If problems still persist, please make note of it in this bug report. See https://fedoraproject.org/wiki/QA:Updates_Testing for instructions on how to install test updates. You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2017-b767dd178b
dovecot-2.2.31-3.fc26 has been pushed to the Fedora 26 stable repository. If problems still persist, please make note of it in this bug report.
dovecot-2.2.31-3.fc25 has been pushed to the Fedora 25 stable repository. If problems still persist, please make note of it in this bug report.