diff --git a/policy-F16.patch b/policy-F16.patch
index 25b10b5..2b57579 100644
--- a/policy-F16.patch
+++ b/policy-F16.patch
@@ -22925,7 +22925,7 @@ index 0000000..bd83148
+## No Interfaces
diff --git a/policy/modules/roles/sysadm_secadm.te b/policy/modules/roles/sysadm_secadm.te
new file mode 100644
-index 0000000..2cc4c43
+index 0000000..e45e8b0
--- /dev/null
+++ b/policy/modules/roles/sysadm_secadm.te
@@ -0,0 +1,23 @@
@@ -22938,7 +22938,7 @@ index 0000000..2cc4c43
+
+gen_require(`
+ type sysadm_t;
-+ ole sysadm_r;
++ role sysadm_r;
+')
+
+userdom_security_admin_template(sysadm_t, sysadm_r)
@@ -46849,7 +46849,7 @@ index 256166a..71e7a36 100644
+/var/spool/mqueue\.in(/.*)? gen_context(system_u:object_r:mqueue_spool_t,s0)
/var/spool/mail(/.*)? gen_context(system_u:object_r:mail_spool_t,s0)
diff --git a/policy/modules/services/mta.if b/policy/modules/services/mta.if
-index 343cee3..7ae15f4 100644
+index 343cee3..ff6a8c7 100644
--- a/policy/modules/services/mta.if
+++ b/policy/modules/services/mta.if
@@ -37,9 +37,9 @@ interface(`mta_stub',`
@@ -46863,7 +46863,7 @@ index 343cee3..7ae15f4 100644
gen_require(`
attribute user_mail_domain;
type sendmail_exec_t;
-@@ -56,92 +56,11 @@ template(`mta_base_mail_template',`
+@@ -56,92 +56,15 @@ template(`mta_base_mail_template',`
type $1_mail_tmp_t;
files_tmp_file($1_mail_tmp_t)
@@ -46903,7 +46903,7 @@ index 343cee3..7ae15f4 100644
+ files_tmp_filetrans($1_mail_t, $1_mail_tmp_t, { file dir })
auth_use_nsswitch($1_mail_t)
--
+
- init_dontaudit_rw_utmp($1_mail_t)
-
- logging_send_syslog_msg($1_mail_t)
@@ -46916,9 +46916,9 @@ index 343cee3..7ae15f4 100644
- exim_manage_spool_files($1_mail_t)
- ')
-
-- optional_policy(`
-- postfix_domtrans_user_mail_handler($1_mail_t)
-- ')
+ optional_policy(`
+ postfix_domtrans_user_mail_handler($1_mail_t)
+ ')
-
- optional_policy(`
- procmail_exec($1_mail_t)
@@ -46959,7 +46959,7 @@ index 343cee3..7ae15f4 100644
')
########################################
-@@ -158,6 +77,7 @@ template(`mta_base_mail_template',`
+@@ -158,6 +81,7 @@ template(`mta_base_mail_template',`
## User domain for the role
##
##
@@ -46967,7 +46967,7 @@ index 343cee3..7ae15f4 100644
#
interface(`mta_role',`
gen_require(`
-@@ -169,11 +89,19 @@ interface(`mta_role',`
+@@ -169,11 +93,19 @@ interface(`mta_role',`
# Transition from the user domain to the derived domain.
domtrans_pattern($2, sendmail_exec_t, user_mail_t)
@@ -46988,7 +46988,7 @@ index 343cee3..7ae15f4 100644
')
########################################
-@@ -220,6 +148,25 @@ interface(`mta_agent_executable',`
+@@ -220,6 +152,25 @@ interface(`mta_agent_executable',`
application_executable_file($1)
')
@@ -47014,7 +47014,7 @@ index 343cee3..7ae15f4 100644
########################################
##
## Make the specified type by a system MTA.
-@@ -306,10 +253,11 @@ interface(`mta_mailserver_sender',`
+@@ -306,10 +257,11 @@ interface(`mta_mailserver_sender',`
interface(`mta_mailserver_delivery',`
gen_require(`
attribute mailserver_delivery;
@@ -47027,7 +47027,7 @@ index 343cee3..7ae15f4 100644
')
#######################################
-@@ -330,12 +278,6 @@ interface(`mta_mailserver_user_agent',`
+@@ -330,12 +282,6 @@ interface(`mta_mailserver_user_agent',`
')
typeattribute $1 mta_user_agent;
@@ -47040,7 +47040,7 @@ index 343cee3..7ae15f4 100644
')
########################################
-@@ -350,9 +292,8 @@ interface(`mta_mailserver_user_agent',`
+@@ -350,9 +296,8 @@ interface(`mta_mailserver_user_agent',`
#
interface(`mta_send_mail',`
gen_require(`
@@ -47051,7 +47051,7 @@ index 343cee3..7ae15f4 100644
')
allow $1 mta_exec_type:lnk_file read_lnk_file_perms;
-@@ -391,12 +332,19 @@ interface(`mta_send_mail',`
+@@ -391,12 +336,19 @@ interface(`mta_send_mail',`
#
interface(`mta_sendmail_domtrans',`
gen_require(`
@@ -47073,7 +47073,7 @@ index 343cee3..7ae15f4 100644
')
########################################
-@@ -409,7 +357,6 @@ interface(`mta_sendmail_domtrans',`
+@@ -409,7 +361,6 @@ interface(`mta_sendmail_domtrans',`
##
##
#
@@ -47081,7 +47081,7 @@ index 343cee3..7ae15f4 100644
interface(`mta_signal_system_mail',`
gen_require(`
type system_mail_t;
-@@ -420,6 +367,24 @@ interface(`mta_signal_system_mail',`
+@@ -420,6 +371,24 @@ interface(`mta_signal_system_mail',`
########################################
##
@@ -47106,7 +47106,7 @@ index 343cee3..7ae15f4 100644
## Execute sendmail in the caller domain.
##
##
-@@ -438,6 +403,26 @@ interface(`mta_sendmail_exec',`
+@@ -438,6 +407,26 @@ interface(`mta_sendmail_exec',`
########################################
##
@@ -47133,7 +47133,7 @@ index 343cee3..7ae15f4 100644
## Read mail server configuration.
##
##
-@@ -474,7 +459,8 @@ interface(`mta_write_config',`
+@@ -474,7 +463,8 @@ interface(`mta_write_config',`
type etc_mail_t;
')
@@ -47143,7 +47143,7 @@ index 343cee3..7ae15f4 100644
')
########################################
-@@ -494,6 +480,7 @@ interface(`mta_read_aliases',`
+@@ -494,6 +484,7 @@ interface(`mta_read_aliases',`
files_search_etc($1)
allow $1 etc_aliases_t:file read_file_perms;
@@ -47151,7 +47151,7 @@ index 343cee3..7ae15f4 100644
')
########################################
-@@ -532,7 +519,7 @@ interface(`mta_etc_filetrans_aliases',`
+@@ -532,7 +523,7 @@ interface(`mta_etc_filetrans_aliases',`
type etc_aliases_t;
')
@@ -47160,7 +47160,7 @@ index 343cee3..7ae15f4 100644
')
########################################
-@@ -552,7 +539,7 @@ interface(`mta_rw_aliases',`
+@@ -552,7 +543,7 @@ interface(`mta_rw_aliases',`
')
files_search_etc($1)
@@ -47169,7 +47169,7 @@ index 343cee3..7ae15f4 100644
')
#######################################
-@@ -646,8 +633,8 @@ interface(`mta_dontaudit_getattr_spool_files',`
+@@ -646,8 +637,8 @@ interface(`mta_dontaudit_getattr_spool_files',`
files_dontaudit_search_spool($1)
dontaudit $1 mail_spool_t:dir search_dir_perms;
@@ -47180,7 +47180,7 @@ index 343cee3..7ae15f4 100644
')
#######################################
-@@ -677,7 +664,26 @@ interface(`mta_spool_filetrans',`
+@@ -677,7 +668,26 @@ interface(`mta_spool_filetrans',`
')
files_search_spool($1)
@@ -47208,7 +47208,7 @@ index 343cee3..7ae15f4 100644
')
########################################
-@@ -697,8 +703,8 @@ interface(`mta_rw_spool',`
+@@ -697,8 +707,8 @@ interface(`mta_rw_spool',`
files_search_spool($1)
allow $1 mail_spool_t:dir list_dir_perms;
@@ -47219,7 +47219,7 @@ index 343cee3..7ae15f4 100644
read_lnk_files_pattern($1, mail_spool_t, mail_spool_t)
')
-@@ -838,7 +844,7 @@ interface(`mta_dontaudit_rw_queue',`
+@@ -838,7 +848,7 @@ interface(`mta_dontaudit_rw_queue',`
')
dontaudit $1 mqueue_spool_t:dir search_dir_perms;
@@ -47228,7 +47228,7 @@ index 343cee3..7ae15f4 100644
')
########################################
-@@ -864,6 +870,36 @@ interface(`mta_manage_queue',`
+@@ -864,6 +874,36 @@ interface(`mta_manage_queue',`
#######################################
##
@@ -47265,7 +47265,7 @@ index 343cee3..7ae15f4 100644
## Read sendmail binary.
##
##
-@@ -899,3 +935,114 @@ interface(`mta_rw_user_mail_stream_sockets',`
+@@ -899,3 +939,114 @@ interface(`mta_rw_user_mail_stream_sockets',`
allow $1 user_mail_domain:unix_stream_socket rw_socket_perms;
')
@@ -47381,7 +47381,7 @@ index 343cee3..7ae15f4 100644
+ mta_filetrans_admin_home_content($1)
+')
diff --git a/policy/modules/services/mta.te b/policy/modules/services/mta.te
-index 64268e4..ab8c4e4 100644
+index 64268e4..8fd5f8a 100644
--- a/policy/modules/services/mta.te
+++ b/policy/modules/services/mta.te
@@ -20,14 +20,16 @@ files_type(etc_aliases_t)
@@ -47658,7 +47658,7 @@ index 64268e4..ab8c4e4 100644
# Read user temporary files.
# postfix seems to need write access if the file handle is opened read/write
userdom_rw_user_tmp_files(user_mail_t)
-@@ -292,3 +303,115 @@ optional_policy(`
+@@ -292,3 +303,114 @@ optional_policy(`
postfix_read_config(user_mail_t)
postfix_list_spool(user_mail_t)
')
@@ -47747,7 +47747,6 @@ index 64268e4..ab8c4e4 100644
+ postfix_exec_master(user_mail_domain)
+ postfix_read_config(user_mail_domain)
+ postfix_search_spool(user_mail_domain)
-+ postfix_domtrans_user_mail_handler(user_mail_domain)
+ postfix_rw_master_pipes(user_mail_domain)
+
+ ifdef(`distro_redhat',`