From cb00c3d1c311d607df52e7509c9d3087a2c61491 Mon Sep 17 00:00:00 2001
From: Daniel Nelson <daniel.nelson@influxdb.com>
Date: Fri, 15 Dec 2017 17:02:26 -0800
Subject: [PATCH 1/4] Add information about how to set postfix permissions

---
 plugins/inputs/postfix/README.md | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/plugins/inputs/postfix/README.md b/plugins/inputs/postfix/README.md
index 477a78c9bf0d6..11517c4ed85a1 100644
--- a/plugins/inputs/postfix/README.md
+++ b/plugins/inputs/postfix/README.md
@@ -13,6 +13,23 @@ For each of the active, hold, incoming, maildrop, and deferred queues (http://ww
   # queue_directory = "/var/spool/postfix"
 ```
 
+#### Permissions:
+
+Telegraf will need read access to the files in the queue directory.  You may
+need to alter the permissions of this directory to provide access to the
+telegraf user.
+
+Unix permissions:
+```sh
+$ sudo chgrp -R telegraf /var/spool/postfix
+$ sudo chmod -R g+rX /var/spool/postfix
+```
+
+Posix ACL:
+```sh
+$ sudo setfacl -R -m u:telegraf:r /var/spool/postfix
+```
+
 ### Measurements & Fields:
 
 - postfix_queue

From 3724811a385bc56373b42556d854fa11ddb2855e Mon Sep 17 00:00:00 2001
From: Daniel Nelson <daniel.nelson@influxdb.com>
Date: Fri, 15 Dec 2017 17:40:20 -0800
Subject: [PATCH 2/4] Fix suggested permissions for subdirectories

---
 plugins/inputs/postfix/README.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/plugins/inputs/postfix/README.md b/plugins/inputs/postfix/README.md
index 11517c4ed85a1..b5ffc5816f59a 100644
--- a/plugins/inputs/postfix/README.md
+++ b/plugins/inputs/postfix/README.md
@@ -22,12 +22,12 @@ telegraf user.
 Unix permissions:
 ```sh
 $ sudo chgrp -R telegraf /var/spool/postfix
-$ sudo chmod -R g+rX /var/spool/postfix
+$ sudo chmod -R g+rXs /var/spool/postfix
 ```
 
 Posix ACL:
 ```sh
-$ sudo setfacl -R -m u:telegraf:r /var/spool/postfix
+$ sudo setfacl -R -m u:telegraf:rX /var/spool/postfix
 ```
 
 ### Measurements & Fields:

From 6115a50213523bac98961a2bf2e92eac7f1af581 Mon Sep 17 00:00:00 2001
From: Daniel Nelson <daniel.nelson@influxdb.com>
Date: Thu, 28 Dec 2017 16:36:03 -0800
Subject: [PATCH 3/4] Update postfix permissions docs

---
 plugins/inputs/postfix/README.md | 10 ++++++----
 1 file changed, 6 insertions(+), 4 deletions(-)

diff --git a/plugins/inputs/postfix/README.md b/plugins/inputs/postfix/README.md
index b5ffc5816f59a..bbca934bebf65 100644
--- a/plugins/inputs/postfix/README.md
+++ b/plugins/inputs/postfix/README.md
@@ -16,18 +16,20 @@ For each of the active, hold, incoming, maildrop, and deferred queues (http://ww
 #### Permissions:
 
 Telegraf will need read access to the files in the queue directory.  You may
-need to alter the permissions of this directory to provide access to the
+need to alter the permissions of these directories to provide access to the
 telegraf user.
 
 Unix permissions:
 ```sh
-$ sudo chgrp -R telegraf /var/spool/postfix
-$ sudo chmod -R g+rXs /var/spool/postfix
+$ sudo chgrp -R telegraf /var/spool/postfix/{active,hold,incoming,deferred}
+$ sudo chmod -R g+rXs /var/spool/postfix/{active,hold,incoming,deferred}
+$ sudo usermod -a -G postdrop telegraf
+$ sudo chmod g+r /var/spool/postfix/maildrop
 ```
 
 Posix ACL:
 ```sh
-$ sudo setfacl -R -m u:telegraf:rX /var/spool/postfix
+$ sudo setfacl -R -m u:telegraf:rX /var/spool/postfix/{active,hold,incoming,deferred,maildrop}
 ```
 
 ### Measurements & Fields:

From 32fd8ae550b8a0e81fd683a159f309a3edbe43e1 Mon Sep 17 00:00:00 2001
From: Daniel Nelson <daniel.nelson@influxdb.com>
Date: Tue, 2 Jan 2018 11:58:45 -0800
Subject: [PATCH 4/4] Add to default acl

---
 plugins/inputs/postfix/README.md | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/plugins/inputs/postfix/README.md b/plugins/inputs/postfix/README.md
index bbca934bebf65..3dab2b39d2acb 100644
--- a/plugins/inputs/postfix/README.md
+++ b/plugins/inputs/postfix/README.md
@@ -29,7 +29,7 @@ $ sudo chmod g+r /var/spool/postfix/maildrop
 
 Posix ACL:
 ```sh
-$ sudo setfacl -R -m u:telegraf:rX /var/spool/postfix/{active,hold,incoming,deferred,maildrop}
+$ sudo setfacl -Rdm u:telegraf:rX /var/spool/postfix/{active,hold,incoming,deferred,maildrop}
 ```
 
 ### Measurements & Fields: