add options, recategorize
diff --git a/README.md b/README.md
index b486ac2..7f35d83 100644
--- a/README.md
+++ b/README.md
@@ -10,17 +10,21 @@
## Settings:
-- `port`: Which port to listen on for scans. For security reasons, Aardvark will bind to localhost. Default is [1729](https://en.wikipedia.org/wiki/1729_(number))
-- `proxy_url`: The backend service to proxy to if request is sane
-- `ipheader`: The header to look for the client's IP in. Typically X-Forwarded-For.
-- `naive_spam_threshold`: This is the spam score threshold for the naïve scanner, `spamfilter.py`. It uses a pre-generated English corpus for detecting spam.
-- `spamurls`: Specific honey-pot URLs that trigger a block regardless of the action
-- `ignoreurls`: Specific URLs that are exempt from spam detection
-- `postmatches`: A list of keywords and/or regexes that, if matched, will block the request
-- `multimatch`: A combination blocker. If a `required` keyword or regex is matched, the request will be blocked only if one or more `auxiliary` keywords/regexes are also matched
-- `persistence`: Enables persistent storage of offending IPs in `blocklist.txt`. Enabling this also enables you to use unblock.py (to be enhanced further at a later point).
-- `debug`: If set to `true`, will spit out some extra lines for reach request handled. Can get very spammy.
-- `savedata`: A path which, if set, is where debug data from offending requests will be saved. This is typically the full first request an IP makes.
+- *General settings*:
+- - `port`: Which port to listen on for scans. For security reasons, Aardvark will bind to localhost. Default is [1729](https://en.wikipedia.org/wiki/1729_(number))
+- - `proxy_url`: The backend service to proxy to if request is sane
+- - `ipheader`: The header to look for the client's IP in. Typically X-Forwarded-For.
+- - `debug`: If set to `true`, will spit out some extra lines for reach request handled. Can get very spammy.
+- *Scan settings*:
+- - `naive_spam_threshold`: This is the spam score threshold for the naïve scanner, `spamfilter.py`. It uses a pre-generated English corpus for detecting spam.
+- - `spamurls`: Specific honey-pot URLs that trigger a block regardless of the action
+- - `ignoreurls`: Specific URLs that are exempt from spam detection
+- - `postmatches`: A list of keywords and/or regexes that, if matched, will block the request
+- - `multimatch`: A combination blocker. If a `required` keyword or regex is matched, the request will be blocked only if one or more `auxiliary` keywords/regexes are also matched
+- *Scoreboard settings*:
+- - `persistence`: Enables persistent storage of offending IPs in `blocklist.txt`. Enabling this also enables you to use unblock.py (to be enhanced further at a later point).
+- - `savedata`: A path which, if set, is where debug data from offending requests will be saved. This is typically the full first request an IP makes.
+- - `suppress_repeats`: Suppresses repeat syslog entries for known offenders. `debug: true` will override this.
## Naïve Spam Scan
Aardvark contains a very naïve spam scanner in `spamfilter.py` that uses a very simplified Bayes-esque formula for
