diff --git a/policy/modules/services/dovecot.fc b/policy/modules/services/dovecot.fc
index b6de818..bfc880b 100644
--- a/policy/modules/services/dovecot.fc
+++ b/policy/modules/services/dovecot.fc
@@ -2,6 +2,7 @@
 #
 # /etc
 #
+/etc/dovecot(/.*)?* gen_context(system_u:object_r:dovecot_etc_t,s0)
 /etc/dovecot\.conf.* gen_context(system_u:object_r:dovecot_etc_t,s0)
 /etc/dovecot\.passwd.* gen_context(system_u:object_r:dovecot_passwd_t,s0)
@@ -22,8 +23,10 @@ ifdef(`distro_debian', `
 ')
 ifdef(`distro_redhat', `
+/usr/libexec/dovecot/auth -- gen_context(system_u:object_r:dovecot_auth_exec_t,s0)
+/usr/libexec/dovecot/deliver -- gen_context(system_u:object_r:dovecot_deliver_exec_t,s0)
+/usr/libexec/dovecot/deliver-lda -- gen_context(system_u:object_r:dovecot_deliver_exec_t,s0)
 /usr/libexec/dovecot/dovecot-auth -- gen_context(system_u:object_r:dovecot_auth_exec_t,s0)
-/usr/libexec/dovecot/deliver -- gen_context(system_u:object_r:dovecot_deliver_exec_t,s0)
 ')
 #
@@ -34,6 +37,7 @@ ifdef(`distro_redhat', `
 /var/lib/dovecot(/.*)? gen_context(system_u:object_r:dovecot_var_lib_t,s0)
+/var/log/dovecot(/.*)? gen_context(system_u:object_r:dovecot_var_log_t,s0)
 /var/log/dovecot\.log.* gen_context(system_u:object_r:dovecot_var_log_t,s0)
 /var/spool/dovecot(/.*)? gen_context(system_u:object_r:dovecot_spool_t,s0)
diff --git a/policy/modules/services/dovecot.if b/policy/modules/services/dovecot.if
index 93eeef5..eed4e6c 100644
--- a/policy/modules/services/dovecot.if
+++ b/policy/modules/services/dovecot.if
@@ -76,7 +76,7 @@ interface(`dovecot_dontaudit_unlink_lib_files',`
 ########################################
 ##
-## All of the rules required to administrate
+## All of the rules required to administrate
 ## an dovecot environment
 ##
 ##
diff --git a/policy/modules/services/dovecot.te b/policy/modules/services/dovecot.te
index 9f16e2e..6476ef6 100644
--- a/policy/modules/services/dovecot.te
+++ b/policy/modules/services/dovecot.te
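Review bot: The new `/etc/dovecot(/.*)?*` entry stacks a `*` on top of `?`, unlike every other directory pattern in this file, which uses `(/.*)?`; if that trailing `*` is really in the source and not a rendering artifact, the line should read `/etc/dovecot(/.*)? gen_context(system_u:object_r:dovecot_etc_t,s0)`, since a nested quantifier is at best redundant and at worst rejected when the contexts are compiled. A second caveat: everything under /etc/dovecot/ now becomes dovecot_etc_t, which this same diff shows being readable by the delivery agent (`allow dovecot_deliver_t dovecot_etc_t:file read_file_perms;` appears as context in dovecot.te), whereas the existing `/etc/dovecot\.passwd.*` entry deliberately keeps credential files in dovecot_passwd_t. If a deployment keeps its passwd-file inside the directory, a more specific entry such as `/etc/dovecot/passwd.* gen_context(system_u:object_r:dovecot_passwd_t,s0)` would be needed to preserve that separation; I cannot tell from the hunk whether such layouts are in scope, so this is worth a comment either way.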
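Review bot: Only the distro_redhat block gains the `auth` and `deliver-lda` helper entries; the distro_debian block named in the hunk header lies outside the hunk, so I cannot see whether it received matching `/usr/lib/dovecot/auth` and `/usr/lib/dovecot/deliver-lda` lines. If Debian ships helpers under those names they would stay unlabelled, and the master would run them without the transition into dovecot_auth_t / dovecot_deliver_t that these entries exist to provide. Please check that block before merging.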
@@ -1,5 +1,5 @@
-policy_module(dovecot, 1.11.1)
+policy_module(dovecot, 1.11.2)
 ########################################
 #
@@ -39,6 +39,9 @@ files_type(dovecot_passwd_t)
 type dovecot_spool_t;
 files_type(dovecot_spool_t)
+type dovecot_tmp_t;
+files_tmp_file(dovecot_tmp_t)
+
 # /var/lib/dovecot holds SSL parameters file
 type dovecot_var_lib_t;
 files_type(dovecot_var_lib_t)
@@ -54,7 +57,7 @@ files_pid_file(dovecot_var_run_t)
 # dovecot local policy
 #
-allow dovecot_t self:capability { dac_override dac_read_search chown net_bind_service setgid setuid sys_chroot };
+allow dovecot_t self:capability { dac_override dac_read_search chown kill net_bind_service setgid setuid sys_chroot };
 dontaudit dovecot_t self:capability sys_tty_config;
 allow dovecot_t self:process { setrlimit signal_perms getcap setcap };
 allow dovecot_t self:fifo_file rw_fifo_file_perms;
@@ -64,6 +67,8 @@ allow dovecot_t self:unix_stream_socket { create_stream_socket_perms connectto }
 domtrans_pattern(dovecot_t, dovecot_auth_exec_t, dovecot_auth_t)
+allow dovecot_t dovecot_auth_t:process signal;
+
 allow dovecot_t dovecot_cert_t:dir list_dir_perms;
 read_files_pattern(dovecot_t, dovecot_cert_t, dovecot_cert_t)
 read_lnk_files_pattern(dovecot_t, dovecot_cert_t, dovecot_cert_t)
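Review bot: `kill` is added to dovecot_t's capability set without a comment saying which children it is for, and the only new cross-domain signal rule in this diff is `allow dovecot_t dovecot_auth_t:process signal;` in the following hunk. CAP_KILL widens DAC signalling to processes of any UID (SELinux still limits the target domains), so a short why-comment keeps the next reader from treating it as cruft, e.g. `# kill: master signals auth/login children that run under other UIDs` — the child set is my inference, so confirm it against the denials that motivated the change. Note that the new rule grants only `signal`, not `sigkill`; if the master escalates to SIGKILL on unresponsive workers, expect a further denial, and prefer adding `sigkill` explicitly over widening to `signal_perms`.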
@@ -73,14 +78,25 @@ files_search_etc(dovecot_t)
 can_exec(dovecot_t, dovecot_exec_t)
+manage_dirs_pattern(dovecot_t, dovecot_tmp_t, dovecot_tmp_t)
+manage_files_pattern(dovecot_t, dovecot_tmp_t, dovecot_tmp_t)
+files_tmp_filetrans(dovecot_t, dovecot_tmp_t, { file dir })
+
+# Allow dovecot to create and read SSL parameters file
+manage_files_pattern(dovecot_t, dovecot_var_lib_t, dovecot_var_lib_t)
+files_search_var_lib(dovecot_t)
+files_read_var_symlinks(dovecot_t)
+
+manage_dirs_pattern(dovecot_t, dovecot_var_log_t, dovecot_var_log_t)
 manage_files_pattern(dovecot_t, dovecot_var_log_t, dovecot_var_log_t)
-logging_log_filetrans(dovecot_t, dovecot_var_log_t, file)
+logging_log_filetrans(dovecot_t, dovecot_var_log_t, { file dir })
 manage_dirs_pattern(dovecot_t, dovecot_spool_t, dovecot_spool_t)
 manage_files_pattern(dovecot_t, dovecot_spool_t, dovecot_spool_t)
 manage_lnk_files_pattern(dovecot_t, dovecot_spool_t, dovecot_spool_t)
 manage_files_pattern(dovecot_t, dovecot_var_run_t, dovecot_var_run_t)
+manage_lnk_files_pattern(dovecot_t, dovecot_var_run_t, dovecot_var_run_t)
 manage_sock_files_pattern(dovecot_t, dovecot_var_run_t, dovecot_var_run_t)
 files_pid_filetrans(dovecot_t, dovecot_var_run_t, file)
@@ -93,6 +109,7 @@ corenet_tcp_sendrecv_generic_if(dovecot_t)
 corenet_tcp_sendrecv_generic_node(dovecot_t)
 corenet_tcp_sendrecv_all_ports(dovecot_t)
 corenet_tcp_bind_generic_node(dovecot_t)
+corenet_tcp_bind_mail_port(dovecot_t)
 corenet_tcp_bind_pop_port(dovecot_t)
 corenet_tcp_connect_all_ports(dovecot_t)
 corenet_tcp_connect_postgresql_port(dovecot_t)
@@ -103,6 +120,7 @@ dev_read_sysfs(dovecot_t)
 dev_read_urand(dovecot_t)
 fs_getattr_all_fs(dovecot_t)
+fs_getattr_all_dirs(dovecot_t)
 fs_search_auto_mountpoints(dovecot_t)
 fs_list_inotifyfs(dovecot_t)
@@ -142,6 +160,10 @@ optional_policy(`
 ')
 optional_policy(`
+ postgresql_stream_connect(dovecot_t)
+')
+
+optional_policy(`
 seutil_sigchld_newrole(dovecot_t)
 ')
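Review bot: `corenet_tcp_bind_mail_port(dovecot_t)` is added beside the POP bind without a comment, and mail_port_t is not the IMAP/POP port type, so a reader cannot tell which listener it serves. Presumably it is the ManageSieve listener (historically tcp/2000, which is what refpolicy's mail_port_t covers if I recall correctly) — please confirm and record it, e.g. `# managesieve listener (mail_port_t)`. If that is the case, the bind is only needed when the sieve service is enabled, so a comment noting the dependency helps operators who want to keep the master's listening surface minimal.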
@@ -172,11 +194,6 @@ manage_dirs_pattern(dovecot_auth_t, dovecot_auth_tmp_t, dovecot_auth_tmp_t)
 manage_files_pattern(dovecot_auth_t, dovecot_auth_tmp_t, dovecot_auth_tmp_t)
 files_tmp_filetrans(dovecot_auth_t, dovecot_auth_tmp_t, { file dir })
-# Allow dovecot to create and read SSL parameters file
-manage_files_pattern(dovecot_t, dovecot_var_lib_t, dovecot_var_lib_t)
-files_search_var_lib(dovecot_t)
-files_read_var_symlinks(dovecot_t)
-
 allow dovecot_auth_t dovecot_var_run_t:dir list_dir_perms;
 manage_sock_files_pattern(dovecot_auth_t, dovecot_var_run_t, dovecot_var_run_t)
 dovecot_stream_connect_auth(dovecot_auth_t)
@@ -197,6 +214,7 @@ files_read_etc_runtime_files(dovecot_auth_t)
 files_search_pids(dovecot_auth_t)
 files_read_usr_files(dovecot_auth_t)
 files_read_usr_symlinks(dovecot_auth_t)
+files_read_var_lib_files(dovecot_auth_t)
 files_search_tmp(dovecot_auth_t)
 files_read_var_lib_files(dovecot_t)
@@ -234,6 +252,8 @@ optional_policy(`
 #
 allow dovecot_deliver_t self:unix_dgram_socket create_socket_perms;
+allow dovecot_deliver_t dovecot_t:process signull;
+
 allow dovecot_deliver_t dovecot_etc_t:file read_file_perms;
 allow dovecot_deliver_t dovecot_var_run_t:dir list_dir_perms;
@@ -246,6 +266,7 @@ files_read_etc_runtime_files(dovecot_deliver_t)
 auth_use_nsswitch(dovecot_deliver_t)
 logging_send_syslog_msg(dovecot_deliver_t)
+logging_search_logs(dovecot_auth_t)
 miscfiles_read_localization(dovecot_deliver_t)
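Review bot: The context line right below the added `files_read_var_lib_files(dovecot_auth_t)` is `files_read_var_lib_files(dovecot_t)`, a dovecot_t rule still sitting in the dovecot_auth_t section, while the first hunk of this file moves the other dovecot_t var_lib rules (`manage_files_pattern(dovecot_t, dovecot_var_lib_t, dovecot_var_lib_t)` and friends) up into the dovecot_t policy. Moving this one alongside `files_search_var_lib(dovecot_t)` finishes that cleanup; left here, it reads like a second misplaced rule next to the new auth line. The dovecot_auth_t section starts before this hunk.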
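Review bot: `logging_search_logs(dovecot_auth_t)` is inserted between two dovecot_deliver_t rules in the dovecot_deliver_t local policy (the hunk's context is `files_read_etc_runtime_files(dovecot_deliver_t)`), so either the domain is a typo for `logging_search_logs(dovecot_deliver_t)` or the line belongs in the dovecot_auth_t block above. If the intent is to let the delivery agent write a log under /var/log/dovecot, which the dovecot.fc hunk now labels dovecot_var_log_t, search on var_log_t alone will not suffice and it would also need something like `append_files_pattern(dovecot_deliver_t, dovecot_var_log_t, dovecot_var_log_t)`. I cannot tell from the hunk which denial motivated the line, so a one-line comment stating it would settle both questions.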
@@ -263,11 +284,19 @@ userdom_manage_user_home_content_sockets(dovecot_deliver_t)
 userdom_user_home_dir_filetrans_user_home_content(dovecot_deliver_t, { dir file lnk_file fifo_file sock_file })
 tunable_policy(`use_nfs_home_dirs',`
+ fs_manage_nfs_dirs(dovecot_deliver_t)
+ fs_manage_nfs_files(dovecot_deliver_t)
+ fs_manage_nfs_symlinks(dovecot_deliver_t)
+
 fs_manage_nfs_dirs(dovecot_t)
 fs_manage_nfs_files(dovecot_t)
 fs_manage_nfs_symlinks(dovecot_t)
 ')
 tunable_policy(`use_samba_home_dirs',`
+ fs_manage_cifs_dirs(dovecot_deliver_t)
+ fs_manage_cifs_files(dovecot_deliver_t)
+ fs_manage_cifs_symlinks(dovecot_deliver_t)
+
 fs_manage_cifs_dirs(dovecot_t)
 fs_manage_cifs_files(dovecot_t)
 fs_manage_cifs_symlinks(dovecot_t)
 ')
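Review bot: Both tunable_policy blocks now mix dovecot_deliver_t and dovecot_t rules while sitting in the dovecot_deliver_t section (the hunk header's context is `userdom_manage_user_home_content_sockets(dovecot_deliver_t)`); since the commit is already editing both blocks, it would be cleaner to move the three dovecot_t lines of each into their own `tunable_policy` block in the dovecot_t policy and keep these blocks deliver-only. That keeps each domain's reach into NFS/CIFS home directories reviewable in one place, which matters because these are manage rights on user-owned content. The dovecot_deliver_t section starts before this hunk.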