feat: Add subdomain verbiage to Restrictions/Blocklist (#2737)

Co-authored-by: Sarah Soutoul <[email protected]>

Author: tmilewski

docs/guides/secure/restricting-access.mdx

@@ -86,7 +86,9 @@ To enable this feature:
 
 <Include src="_partials/feature-not-free-callout" />
 
-By adding specific identifiers to the blocklist, users with those identifiers will be blocked from signing up and signing in to your application. This is useful for attack prevention, such as when multiple spam accounts sign up for your application. For example, if you add `clerk.dev` as a blocked email domain, it means that anybody with a `@clerk.dev` email address will not be able to sign up for your application.
+By adding specific identifiers to the blocklist, you can prevent users with those identifiers from signing up. This helps protect your application from attacks, such as scripts creating multiple spam accounts. For example, adding `clerk.dev` to the blocked email domains list prevents anyone with an email address ending in `@clerk.dev` from signing up.
+
+You can also block email addresses from all subdomains by using `*@*.clerk.dev`. This prevents sign-ups from email addresses such as `@subdomain.clerk.dev` or `@subdomain2.clerk.dev`, and deeper subdomains like `@subdomain.subdomain2.clerk.dev`.
 
 To enable this feature: