I've found that some of these will work with, e.g. Dovecot's IMAPS daemon, just by appending ":993" to the hostname.

Yesterday I found one that would only work on port 443, but it was a simple matter of creating two iptables rules: one to permit incoming IP packets to 443/TCP and the other to redirect them to 993/TCP.

Yes, try CheckTLS: http://www.checktls.com/

Although, ironically, their web site does not seem to use TLS properly, not enforcing encryption on login and using mixed content.

Not to my knowledge; a full testing tool for IMAP, SMTP, TLS, DKIM, and DNSSEC would have been amazing a year or so ago when I was still maintaining mail servers!