From 41ccc133941f67ba1a40a0b826c2da9bc779cd2e Mon Sep 17 00:00:00 2001
From: link2xt <link2xt@testrun.org>
Date: Thu, 19 Jan 2023 21:06:31 +0000
Subject: [PATCH] Extend `lookup_host_with_cache` comment

---
 src/net.rs | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/net.rs b/src/net.rs
index d983a6b5c..e94e1484e 100644
--- a/src/net.rs
+++ b/src/net.rs
@@ -129,7 +129,11 @@ async fn lookup_host_with_cache(
 /// to the network, which is important to reduce the latency of interactive protocols such as IMAP.
 ///
 /// If `load_cache` is true, may use cached DNS results.
-/// Use this only if the connection is going to be protected with TLS.
+/// Because the cache may be poisoned with incorrect results by networks hijacking DNS requests,
+/// this option should only be used when connection is authenticated,
+/// for example using TLS.
+/// If TLS is not used or invalid TLS certificates are allowed,
+/// this option should be disabled.
 pub(crate) async fn connect_tcp(
     context: &Context,
     host: &str,