selinux-policy/refpolicy/policy/modules/services/dovecot.if

## <summary>Dovecot POP and IMAP mail server</summary>

########################################
## <summary>
##	Create, read, write, and delete the dovecot spool files.
## </summary>
## <param name="domain">
##	Domain allowed access.
## </param>
#
interface(`dovecot_manage_spool',`
	gen_require(`
		type dovecot_spool_t;
	')

	allow $1 dovecot_spool_t:dir rw_dir_perms;
	allow $1 dovecot_spool_t:file create_file_perms;
	allow $1 dovecot_spool_t:lnk_file create_lnk_perms;
')