selinux-policy/policy/modules/services/milter.te


policy_module(milter, 1.0.1)

########################################
#
# Declarations
#

# Attributes shared by every milter domain and every milter data type;
# the per-milter template below is expected to attach its types to them.
attribute milter_domains;
attribute milter_data_type;

# One template instantiation per supported milter.  Each one is expected to
# declare the <name>_milter_t domain used in the local policy sections below.
milter_template(regex)
milter_template(spamass)

# Home directory of spamass-milter.  Unless per-user configuration is enabled,
# spamassassin keeps its system-wide preferences, bayes databases etc. here.
type spamass_milter_state_t;
files_type(spamass_milter_state_t)

########################################
#
# milter-regex local policy
#
# Filters mail with regular expressions.
# http://www.benzedrine.cx/milter-regex.html
#

# Configuration lives in /etc/mail/milter-regex.conf.
mta_read_config(regex_milter_t)

# The listening socket is created under /var/spool.
files_search_spool(regex_milter_t)

# Username lookup is needed before the daemon can drop privileges.
auth_use_nsswitch(regex_milter_t)

# While still root, the daemon unlinks a stale socket that may be owned by
# another user (hence dac_override), then calls setgid()/setuid() to drop to
# an unprivileged identity (hence setuid/setgid).  dac_override is the broadest
# of the three and is granted solely for that socket cleanup.
allow regex_milter_t self:capability { setuid setgid dac_override };

########################################
#
# spamass-milter local policy
#
# Pipes mail through SpamAssassin.
# http://savannah.nongnu.org/projects/spamass-milt/
#

# The daemon's working directory is /var/lib/spamass-milter; it only needs to
# traverse it (search), not read or write its contents.
files_search_var_lib(spamass_milter_t)
allow spamass_milter_t spamass_milter_state_t:dir search_dir_perms;

# NOTE(review): no rationale is recorded for reading kernel system state
# (/proc) -- confirm which entry the daemon actually needs.
kernel_read_system_state(spamass_milter_t)

# The core task: hand each message to spamc and act on its verdict.
spamassassin_domtrans_client(spamass_milter_t)

# With -b or -B the daemon forwards mail to a spamtrap address by running
# sendmail via popen(), which requires a shell, the bin directories and the
# MTA send path.
corecmd_search_bin(spamass_milter_t)
corecmd_read_bin_symlinks(spamass_milter_t)
corecmd_exec_shell(spamass_milter_t)
mta_send_mail(spamass_milter_t)