Comment 3 for bug 829089

I'm not up on current mimedefang, but doing something like this would be even better:

  /var/spool/MIMEDefang/mdefang-*/Work/ r,
  /var/spool/MIMEDefang/mdefang-*/Work/** r,

If mimedefang's spool directory only contains the files to be scanned, then the easier to maintain '/var/spool/MIMEDefang/** r,' is totally fine. If there is other stuff in there, may be it is worth using what I suggested above, but weighed against maintenance/fragility, maybe not.