From f5c688321e04364bdfd030dd1412a7e5a4ecc6b6 Mon Sep 17 00:00:00 2001
From: Zdenek Pytela <zpytela@redhat.com>
Date: Tue, 10 Nov 2020 18:04:49 +0100
Subject: [PATCH] Allow dovecot bind to smtp ports

When dovecot is configured to listen on submission ports
(tcp 465 or 587), it requires the name_bind permission to ports
labeled smtp_port_t.

Resolves: rhbz#1881884
---
 dovecot.te | 1 +
 1 file changed, 1 insertion(+)

diff --git a/policy/modules/contrib/dovecot.te b/policy/modules/contrib/dovecot.te
index 6cf4b72e9..0b140e932 100644
--- a/policy/modules/contrib/dovecot.te
+++ b/policy/modules/contrib/dovecot.te
@@ -147,6 +147,7 @@ corenet_tcp_bind_mail_port(dovecot_t)
 corenet_tcp_bind_pop_port(dovecot_t)
 corenet_tcp_bind_lmtp_port(dovecot_t)
 corenet_tcp_bind_sieve_port(dovecot_t)
+corenet_tcp_bind_smtp_port(dovecot_t)
 corenet_tcp_connect_all_ports(dovecot_t)
 corenet_tcp_connect_postgresql_port(dovecot_t)
 corenet_sendrecv_pop_server_packets(dovecot_t)
-- 
2.23.0