CentOS-6.6
Postfix-2.11.1 (local)
ClamAV-0.98.5 (epel)
Amavisd-new-2.9.1 (epel)
opendkim-2.9.0 (CentOS)
pypolicyd-spf-1.3.1 (epel)

Is there something going on in selinuxland with respect to clamav, amavisd-new and postfix? Since the most recent update of clamav I seem to be detecting more avc’s. It may be that it is because I am looking for them more frequently but it seems to me that something has happened external to my control.

The most recent things I see are these:

audit2allow -l -a

#============= amavis_t =============allow amavis_t sysfs_t:dir read;
allow amavis_t sysfs_t:file open;

#============= clamscan_t =============#!!!! The source type ‘clamscan_t’ can write to a ‘dir’ of the following types:
# clamscan_tmp_t, clamd_var_lib_t, tmp_t, root_t

allow clamscan_t amavis_spool_t:dir write;

#============= postfix_smtp_t =============allow postfix_smtp_t postfix_spool_maildrop_t:file open;

#============= spamd_t =============allow spamd_t etc_runtime_t:file append;

Is there anything wrong with just creating a local policy module for these and loading it?