# Sendmail (daemon mode) policy by Jon Crowley, MITRE Corporation
# based on a policy by Stephen Smalley, NAI Labs
#################################
#
# Rules for the sendmail_t domain.
#
# sendmail_t is the domain for the sendmail
# daemon started by the init rc scripts.
# sendmail_exec_t is the type of the sendmail executable.
#
# The attributes attached to these types (domain, privlog, privrole,
# privuser, file_type, sysadmfile, exec_type, tmpfile, pidfile) and the
# macros used below (file_type_auto_trans, can_network, domain_auto_trans,
# *_perms) are defined elsewhere in the policy; their exact meaning is not
# visible from this file.
type sendmail_t, domain, privlog, privrole, privuser;
type sendmail_exec_t, file_type, sysadmfile, exec_type;
# Declared here but not referenced by any rule in this file; presumably
# used by rules in another file -- verify before removing.
type script_interpreters_t, file_type;

# The /etc/statistics file needs to be written to
# by user mail processes so it needs a different type
# than etc_mail_t
type sendmail_statistics_t, file_type;
allow sendmail_t sendmail_statistics_t:file rw_file_perms;

# Commented out in the original; no makemap executable type is declared
# by this file.
#type sendmail_makemap_exec_t, file_type, sysadmfile, exec_type;

# Private types for the daemon's temporary files, log files and pid file.
# Per the file_type_auto_trans macro name, files that sendmail_t creates
# in a directory of the second type are expected to be labelled with the
# third type (sendmail_tmp_t / sendmail_var_log_t / sendmail_var_run_t)
# instead of the generic tmp_t / var_log_t / var_run_t -- confirm against
# the macro definition.
type sendmail_tmp_t, file_type, sysadmfile, tmpfile;
file_type_auto_trans(sendmail_t, tmp_t, sendmail_tmp_t)
type sendmail_var_log_t, file_type, sysadmfile;
file_type_auto_trans(sendmail_t, var_log_t, sendmail_var_log_t)
type sendmail_var_run_t, file_type, sysadmfile, pidfile;
file_type_auto_trans(sendmail_t, var_run_t, sendmail_var_run_t)

# Use capabilities
# net_bind_service pairs with the name_bind rule on smtp_port_t below.
# NOTE(review): dac_override lets the daemon bypass discretionary file
# permission checks entirely; confirm it is still needed rather than
# carried over from an earlier policy.
allow sendmail_t sendmail_t:capability { setuid setgid net_bind_service sys_nice chown dac_override };

# control for ioctl commands
allow sendmail_t kernel_t:system { net_io_control };

# Inherit and use descriptors from init.
allow sendmail_t init_t:fd inherit_fd_perms;

# Use the network.
can_network(sendmail_t)

# Bind to the SMTP port.
allow sendmail_t smtp_port_t:tcp_socket name_bind;

# Write to /etc/aliases and /etc/mail.
# NOTE(review): if create_file_perms already includes the read
# permissions in this policy's macro definitions, the r_file_perms rule
# on etc_mail_t:file is redundant (harmless either way).
allow sendmail_t etc_aliases_t:file rw_file_perms;
allow sendmail_t etc_mail_t:dir rw_dir_perms;
allow sendmail_t etc_mail_t:file create_file_perms;
allow sendmail_t etc_mail_t:file r_file_perms;

# Write to /var/spool/mqueue.
allow sendmail_t mqueue_spool_t:dir rw_dir_perms;
allow sendmail_t mqueue_spool_t:file create_file_perms;

# /usr/sbin/sendmail asks for w access to utmp, but it will operate
# correctly without it.
# Do not audit write denials to utmp.
# (auditdeny with ~write: denials on every permission except write are
# still audited; no access is granted by this rule.)
auditdeny sendmail_t initrc_var_run_t:file ~write;

# transition to procmail
# Executing a procmail_exec_t file from sendmail_t is expected to enter
# the procmail_t domain (domain_auto_trans macro).
domain_auto_trans(sendmail_t, procmail_exec_t, procmail_t)

# can execute smrsh
# Note the target domain is user_smrsh_t, not a sendmail-specific domain.
domain_auto_trans(sendmail_t, smrsh_exec_t, user_smrsh_t)

# read .forward files
allow sendmail_t dot_forward_t:file r_file_perms;