From Debian package 0.0.20080702-10 Add clamd spool type Let freshclam pass through /var/lib to /var/lib/clamav clamav-milter label was merged upstream in ad0aea53 (2009-07-21) Let postfix talk to clamav
Index: policy/modules/services/clamav.te
===================================================================
--- policy/modules/services/clamav.te.orig
+++ policy/modules/services/clamav.te
@@ -36,6 +36,10 @@
 type clamd_var_lib_t;
 files_type(clamd_var_lib_t)
 
+# spool files
+type clamd_spool_t;
+files_type(clamd_spool_t)
+
 # pid files
 type clamd_var_run_t;
 files_pid_file(clamd_var_run_t)
@@ -83,6 +87,10 @@
 manage_dirs_pattern(clamd_t, clamd_var_lib_t, clamd_var_lib_t)
 manage_files_pattern(clamd_t, clamd_var_lib_t, clamd_var_lib_t)
 
+# spool files
+manage_dirs_pattern(clamd_t,clamd_spool_t,clamd_spool_t)
+manage_files_pattern(clamd_t,clamd_spool_t,clamd_spool_t)
+
 # log files
 manage_dirs_pattern(clamd_t, clamd_var_log_t, clamd_var_log_t)
 manage_files_pattern(clamd_t, clamd_var_log_t, clamd_var_log_t)
@@ -100,6 +108,9 @@
 
 corecmd_exec_shell(clamd_t)
 
+# for /proc/meminfo
+allow clamd_t proc_t:file { getattr read };
+
 corenet_all_recvfrom_unlabeled(clamd_t)
 corenet_all_recvfrom_netlabel(clamd_t)
 corenet_tcp_sendrecv_generic_if(clamd_t)
@@ -161,6 +172,8 @@
 # Freshclam local policy
 #
 
+files_search_var_lib(freshclam_t)
+
 allow freshclam_t self:capability { setgid setuid dac_override };
 allow freshclam_t self:fifo_file rw_fifo_file_perms;
 allow freshclam_t self:unix_stream_socket create_stream_socket_perms;
Index: policy/modules/services/clamav.fc
===================================================================
--- policy/modules/services/clamav.fc.orig
+++ policy/modules/services/clamav.fc
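Review bot: `clamd_spool_t` is declared with `files_type`, but nothing in this patch ever applies the label: the clamav.fc change labels /var/spool/postfix/clamav as clamd_var_run_t, so on an installed system the new type is unreachable unless a file context for it is added elsewhere. For a type that is meant to live under /var/spool, refpolicy's convention is `files_spool_file(clamd_spool_t)` rather than the generic `files_type`, which also gives it the spool attribute the files_* spool interfaces key on. A comment naming the directory this type is supposed to cover, e.g. `# spool files (<path>)`, would let a reader tie the declaration to an fc entry.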
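Review bot: The two added `manage_*_pattern` calls omit the spaces after the commas that every neighbouring pattern call in this block uses; `manage_dirs_pattern(clamd_t, clamd_spool_t, clamd_spool_t)` and `manage_files_pattern(clamd_t, clamd_spool_t, clamd_spool_t)` would match the surrounding style. More substantively, manage rights on clamd_spool_t are inert unless clamd_t can traverse to the directory, and nothing in this hunk grants a search on the spool parent (`files_search_spool(clamd_t)`); it may already be present elsewhere in clamd_t's policy, but that should be confirmed against a denial log rather than assumed. If clamd is expected to create files directly under /var/spool, a `files_spool_filetrans(clamd_t, clamd_spool_t, { dir file })` transition is also what makes new objects come out labelled clamd_spool_t rather than the parent's type.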
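Review bot: `allow clamd_t proc_t:file { getattr read };` references a kernel-module type directly from a service module, which refpolicy's layering rules forbid (types owned by other modules are reached only through interfaces, and in a modular build the bare `proc_t` is not even in scope without a gen_require block). The interface refpolicy provides for this is `kernel_read_system_state(clamd_t)`, which grants the proc_t file read together with the `dir search` on proc_t that the raw rule leaves out and without which opening /proc/meminfo is still denied. Keep the `# for /proc/meminfo` comment above the interface call so the reason for the kernel-state access stays recorded.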
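Review bot: `files_search_var_lib(freshclam_t)` is placed above the `allow freshclam_t self:...` rules, whereas refpolicy convention puts a domain's self rules first and interface calls after them, grouped with the other files_* calls; moving the line below the three self rules would keep the section readable for someone scanning for interface use. The added search right itself is the correct minimal fix for traversing /var/lib to the labelled /var/lib/clamav directory named in the description, so no wider access is needed here.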
@@ -18,3 +18,4 @@
 /var/run/clamd.*	gen_context(system_u:object_r:clamd_var_run_t,s0)
 /var/spool/amavisd/clamd\.sock	-s	gen_context(system_u:object_r:clamd_var_run_t,s0)
 /var/spool/MailScanner(/.*)?	gen_context(system_u:object_r:clamd_var_run_t,s0)
+/var/spool/postfix/clamav(/.*)?	gen_context(system_u:object_r:clamd_var_run_t,s0)
Index: policy/modules/services/postfix.te
===================================================================
--- policy/modules/services/postfix.te.orig
+++ policy/modules/services/postfix.te
@@ -607,6 +607,10 @@
 ')
 
 optional_policy(`
+	clamav_stream_connect(postfix_smtpd_t)
+')
+
+optional_policy(`
 	sasl_connect(postfix_smtpd_t)
 ')
 
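Review bot: `/var/spool/postfix/clamav(/.*)?` labels the directory and everything beneath it as clamd_var_run_t, a pid-file type, even though the same patch introduces clamd_spool_t for spool content; anything clamd or postfix writes there is then treated as a pid file and becomes reachable by every domain that has been given rights over pid files generally. If the directory exists only so clamd's socket is visible inside postfix's chroot, label the socket alone, as the amavisd entry two lines up does (`/var/spool/postfix/clamav/clamd\.sock -s gen_context(system_u:object_r:clamd_var_run_t,s0)`), and leave the directory under postfix's own spool labelling; if it genuinely holds scanned mail, clamd_spool_t is the type to use. In either case clamd_t needs a search right on the postfix spool to reach this path, which nothing in the patch grants, so check whether `postfix_search_spool(clamd_t)` is already present before relying on this entry.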
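Review bot: `clamav_stream_connect(postfix_smtpd_t)` only works if smtpd can traverse the path to the socket; the interface as defined in refpolicy adds a search on /var/run plus the connect to clamd_t's socket, but the socket this patch labels sits under /var/spool/postfix, so the connect depends on smtpd already holding search rights on postfix_spool_t (plausible given it runs chrooted there, but worth confirming against a denial log). The rule is also unconditional: if handing mail to clamd is a Debian configuration option rather than the default, guarding it with a tunable would avoid letting smtpd talk to clamd on systems that never enable it. A one-line comment above the new `optional_policy` block stating which postfix component connects (smtpd as content filter rather than a milter, since the description also mentions clamav-milter) would spare the next reader the guess; the enclosing postfix_smtpd_t policy section begins outside this hunk.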