The 'correct' permissions for /var/spool/mail _MUST_ be changed to 1777 here -- the owning package, in order to properly run the imapd. See the analysis on Bug 10678. The 'taint' bit protects the lockfile, and false writes to mail spool files, when combined with file ownerships. Linuxconf also needs to have this change fed back to its maintainer as a 'correct' behavior. As with other 7.0 changes, this is the RIGHT time to make this change.
1777 mail spool directory allows all sorts of unpleasant disk filling attacks, people making symlinks into the mail spool and worse. Most mail applications are not hardened against that kind of abuse. Sure - there should be an sgid external mail-lock helper. I've been trying to beat this into certain mail package authors for 3 or 4 years. But there isnt and your cure is worse than the disease, far far worse than the disease
*** Bug 21126 has been marked as a duplicate of this bug. ***