[dns-operations] responding to spoofed ANY queries

[Vernon Schryver]

> From: "Frank Bulk" <frnkblk at iname.com>

> Perhaps the ratio could be a dynamic whitelist -- if it's 1.5 or less, then
> allow the response to go out.

What would be gained by spending the code complexity and CPU cycles
such a mechanism would require?  What bad things would be avoided
or good things achieved?

(Please do not mention false positives, because that notion of false
positive is irrelevant and does not happen with RRL.)


Vernon Schryver    vjs at rhyolite.com