diff --git a/README.md b/README.md index 8342c58..c9a411e 100644 --- a/README.md +++ b/README.md @@ -69,6 +69,23 @@ letter is either s or p, for SSL/TLS encrypted or plain traffic respectively. This information is also important for the program, because it cannot reliably determine if the actual network traffic it is processing was encrypted or not. +This mode of operation allows you to divert decrypted packets to remote +listening programs too. For example, given the following proxy specification: + + https 127.0.0.1 8443 up:8080 ua:192.168.0.1 ra:192.168.1.1 + +The ua option tells SSLproxy to divert decrypted packets to 192.168.0.1:8080, +instead of 127.0.0.1:8080 as in the previous example. Also, the ra option +tells SSLproxy to listen for returned packets from the program on 192.168.1.1. +Accordingly, the line SSLproxy inserts into the first packet in the connection +now becomes: + + SSLproxy: [192.168.1.1]:34649,[192.168.3.24]:47286,[192.168.111.130]:443,s + +So, the listening program can be running on a machine anywhere in the world. +Since the packets between SSLproxy and the listening program are unencrypted, +you should be careful while using such a setup. + SSLproxy supports plain TCP, plain SSL, HTTP, HTTPS, POP3, POP3S, SMTP, and SMTPS connections over both IPv4 and IPv6. It also has the ability to dynamically upgrade plain TCP to SSL in order to generically support SMTP
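Review bot: The closing caution in the added text ("you should be careful while using such a setup") is too vague for what the paragraph describes, and it directly follows "the listening program can be running on a machine anywhere in the world", which reads as an invitation to send decrypted traffic over networks the operator does not control. The text already states that the packets between SSLproxy and the listening program are unencrypted, so spell out the consequence: the decrypted payload and the inserted "SSLproxy:" line travel in cleartext to the ua address and back to the ra address, where anyone on the path can read or alter them. Suggest replacing the last sentence with a concrete recommendation, such as keeping the ua and ra addresses on a trusted, isolated segment or carrying that link over an encrypted tunnel. Two smaller documentation points: the sentence "listen for returned packets from the program on 192.168.1.1" is ambiguous about whether 192.168.1.1 belongs to SSLproxy or to the program, so say explicitly that ra is the address SSLproxy listens on; and say what ua and ra are short for where they are first introduced.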