diff --git a/README.rst b/README.rst index a33d8c0..8350831 100644 --- a/README.rst +++ b/README.rst @@ -13,7 +13,8 @@ parsedmarc ``parsedmarc`` is a Python module and CLI utility for parsing DMARC reports. When used with Elasticsearch and Kibana (or Splunk), it works as a self-hosted open source alternative to commercial DMARC report processing services such -as Agari, Dmarcian, OnDMARC, ProofPoint Email Fraud Defense. +as Agari Domain Defense, Dmarcian, OnDMARC, ProofPoint Email Fraud Defense, +and Valimail. Features ======== @@ -108,7 +109,7 @@ For example [general] save_aggregate = True - save_forensic = False + save_forensic = True [imap] host = imap.example.com @@ -117,7 +118,7 @@ For example watch = True [elasticsearch] - hosts = 127.0.0.1:92000 + hosts = 127.0.0.1:9200 ssl = False [splunk_hec] @@ -150,7 +151,7 @@ The full set of configuration options are: - ``delete`` - bool: Delete messages after processing them, instead of archiving them - ``test`` - bool: Do not move or delete messages - ``elasticsearch`` - - ``hosts`` - str: A comma separated list of URLs (e.g. https://user:secret@localhost:443) + - ``hosts`` - str: A comma separated list of hostnames and ports or URLs (e.g. ``127.0.0.1:9200`` or https://user:secret@localhost:443) - ``ssl`` - bool: Use an encrypted SSL/TLS connection (Default: True) - ``cert_path`` - str: Path to a trusted certificates - ``index_suffix`` - str: A suffix to apply to the index names diff --git a/docs/example.ini b/docs/example.ini index 5c10918..a27a670 100644 --- a/docs/example.ini +++ b/docs/example.ini @@ -2,7 +2,7 @@ [general] save_aggregate = True -save_forensic = False +save_forensic = True [imap] host = imap.example.com @@ -11,7 +11,7 @@ password = $uperSecure watch = True [elasticsearch] -hosts = 127.0.0.1:92000 +hosts = 127.0.0.1:9200 ssl = False [splunk_hec] diff --git a/docs/index.rst b/docs/index.rst index ea4f62f..191327d 100644 --- a/docs/index.rst +++ b/docs/index.rst 
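Review bot: The sample in `docs/example.ini` now sets `save_forensic = True` without saying what that stores, while the same sample keeps `ssl = False` under `[elasticsearch]`. Forensic (failure) reports can carry message headers and samples, including recipient addresses, so a comment above the setting would help people who copy the file as-is, e.g. `# Forensic reports may contain message headers and samples; restrict access to the index`. `ssl = False` is reasonable only for the loopback host shown, so a second comment such as `# Set ssl = True when Elasticsearch is not on localhost` would keep it from being carried over to a remote host. The same example block is repeated in the `README.rst` and `docs/index.rst` hunks.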
@@ -18,7 +18,8 @@ parsedmarc documentation - Open source DMARC report analyzer and visualizer ``parsedmarc`` is a Python module and CLI utility for parsing DMARC reports. When used with Elasticsearch and Kibana (or Splunk), it works as a self-hosted open source alternative to commercial DMARC report processing services such -as Agari, Dmarcian, OnDMARC, ProofPoint Email Fraud Defense. +as Agari Domain Defense, Dmarcian, OnDMARC, ProofPoint Email Fraud Defense, +and Valimail. Features ======== @@ -112,7 +113,7 @@ For example [general] save_aggregate = True - save_forensic = False + save_forensic = True [imap] host = imap.example.com @@ -121,7 +122,7 @@ For example watch = True [elasticsearch] - hosts = 127.0.0.1:92000 + hosts = 127.0.0.1:9200 ssl = False [splunk_hec] @@ -154,7 +155,7 @@ The full set of configuration options are: - ``delete`` - bool: Delete messages after processing them, instead of archiving them - ``test`` - bool: Do not move or delete messages - ``elasticsearch`` - - ``hosts`` - str: A comma separated list of URLs (e.g. https://user:secret@localhost:443) + - ``hosts`` - str: A comma separated list of hostnames and ports or URLs (e.g. ``127.0.0.1:9200`` or https://user:secret@localhost:443) - ``ssl`` - bool: Use an encrypted SSL/TLS connection (Default: True) - ``cert_path`` - str: Path to a trusted certificates - ``index_suffix`` - str: A suffix to apply to the index names @@ -599,7 +600,7 @@ Install Java: Configure Davmail by creating a ``davmail.properties`` file -:: +.. code-block:: properties # DavMail settings, see http://davmail.sourceforge.net/ for documentation 
@@ -733,7 +734,7 @@ For CentOS, RHEL, and other RPM systems, follow the Elastic RPM guides for sudo service elasticsearch start sudo service kibana start -Without the commercial X-Pack_, Kibana does not have any authentication +Without the commercial X-Pack_ or ReadonlyREST_ products, Kibana does not have any authentication mechanism of its own. You can use nginx as a reverse proxy that provides basic authentication. @@ -1217,6 +1218,8 @@ Indices and tables .. _X-Pack: https://www.elastic.co/products/x-pack +.. _ReadonlyREST: https://readonlyrest.com/ + .. _kibana_saved_objects.json: https://raw.githubusercontent.com/domainaware/parsedmarc/master/kibana/kibana_saved_objects.json .. _HTTP Event collector (HEC): http://docs.splunk.com/Documentation/Splunk/latest/Data/AboutHEC diff --git a/parsedmarc/__init__.py b/parsedmarc/__init__.py index 8d03018..369f158 100644 --- a/parsedmarc/__init__.py +++ b/parsedmarc/__init__.py @@ -880,7 +880,7 @@ def get_dmarc_reports_from_inbox(host=None, yield l[i:i + n] if delete and test: - raise ValueError("--delete and --test options are mutually exclusive") + raise ValueError("delete and test options are mutually exclusive") if connection is None and (user is None or password is None): raise ValueError("Must supply a connection, or a username and " diff --git a/requirements.txt b/requirements.txt index 1778c37..d47b87b 100644 --- a/requirements.txt +++ b/requirements.txt @@ -1,3 +1,9 @@ +flake8 +sphinx +sphinx_rtd_theme +wheel +rstcheck>=3.3.1 +pygments dnspython expiringdict urllib3>=1.21.1 @@ -12,8 +18,3 @@ dateparser elasticsearch elasticsearch-dsl kafka-python -flake8 -sphinx -sphinx_rtd_theme -wheel -rstcheck>=3.3.1
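Review bot: The block moved to the top of `requirements.txt` in the first hunk (`flake8`, `sphinx`, `sphinx_rtd_theme`, `wheel`, `rstcheck>=3.3.1` and the new `pygments`) is lint, docs and build tooling, but it still shares one file with the runtime dependencies, so any install from this file pulls all of it in. Moving these entries to a separate development requirements file (for example a new `requirements-dev.txt`) would keep the runtime install surface smaller. Most entries, including the added `pygments`, have no version bound, so two installs of the same commit can resolve to different packages. If this file is used for deployments, a pinned constraints file would make that reproducible.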