Petr Špaček via Unbound-users wrote on 2019-09-13 01:15:
... Any implementation which is unable to respond to well-formed queries is just broken and there is no excuse for it.
in DNS RRL (www.redbarn.org/dns/ratelimits) a motive and a method is described whereby queries which appear to be uselessly duplicative are dropped without response. this is the main method of managed nonparticipation in DNS-amplified DDoS attacks.
perhaps this is exempted from your otherwise broad statement, since the implementation of DNS RRL does not render an implementation "unable" to respond to all well-formed queries, but rather, "unwilling" to do so.
-- P Vixie
