X-Git-Url: https://git.exim.org/exim.git/blobdiff_plain/56f6b77ef9217c8cba84cb151ec8fef205f6fc3e..c86c97065357b1cca9601246cec74aa364a635f5:/doc/doc-docbook/spec.xfpt

diff --git a/doc/doc-docbook/spec.xfpt b/doc/doc-docbook/spec.xfpt
index 8faa78dce..5b3436f74 100644
--- a/doc/doc-docbook/spec.xfpt
+++ b/doc/doc-docbook/spec.xfpt
@@ -6602,7 +6602,7 @@ file that is searched could contain lines like this:
 When the lookup succeeds, the result of the expansion is a list of domains (and
 possibly other types of item that are allowed in domain lists).
 .cindex "tainted data" "de-tainting"
-.cindex "de-tainting" "using a lookup expansion""
+.cindex "de-tainting" "using a lookup expansion"
 The result of the expansion is not tainted.
 
 .next
@@ -16189,9 +16189,12 @@ case. That is why the default tries a DNS lookup first.
 .cindex "host" "rejecting connections from"
 If this option is set, incoming SMTP calls from the hosts listed are rejected
 as soon as the connection is made.
-This option is obsolete, and retained only for backward compatibility, because
+This option is mostly obsolete, retained for backward compatibility because
 nowadays the ACL specified by &%acl_smtp_connect%& can also reject incoming
-connections immediately.
+connections immediately
+.new
+(except for tls-on-connect connections).
+.wen
 
 The ability to give an immediate rejection (either by this option or using an
 ACL) is provided for use in unusual cases. Many hosts will just try again,