git.ipfire.org Git - thirdparty/knot-resolver.git/commit
nsrep: never blacklist NSs because of SERVFAIL/REFUSED
author Marek Vavruša <mvavrusa@cloudflare.com>
Thu, 12 Apr 2018 08:35:50 +0000 (01:35 -0700)
committer Marek Vavruša <mvavrusa@cloudflare.com>
Fri, 7 Sep 2018 17:45:21 +0000 (10:45 -0700)
commit a6b6a917736faabea1a0d8ea2277f00d8be78ce8
tree 0f61b509e9bebbf68f5dd47d55d09965cca9e396
parent 1430099f6d005f741914eb32adba60ec4850834e
nsrep: never blacklist NSs because of SERVFAIL/REFUSED

The SERVFAIL is a soft-failure, and REFUSED isn't something the server
is really in control of. It is easy to trick the resolver into blacklisting
a NS by creating a bad delegation and pointing it at the victim NS.

This changes the scoring function to degrade server score on these rcodes,
but cap it to a really bad score. It should be treated as timed out only
if it really times out or is unreachable.
lib/nsrep.c
lib/resolve.c
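
The scoring policy the commit message describes, as an added sketch that is not code from this commit or from knot-resolver: a simplified "before" model that scores SERVFAIL/REFUSED like a timeout, beside an "after" model that degrades the score but caps it just below the timeout threshold. All names and constants (`SCORE_TIMEOUT`, `SCORE_BAD_CAP`, `PENALTY`, the event enum) are assumptions made for illustration.

```c
#include <stdio.h>

/* Hypothetical constants for this sketch; not knot-resolver's values. */
enum {
    SCORE_MAX     = 2000,          /* worst possible score, RTT-like units    */
    SCORE_TIMEOUT = SCORE_MAX,     /* at or above this the NS is skipped      */
    SCORE_BAD_CAP = SCORE_MAX - 1, /* "really bad", but still selectable      */
    PENALTY       = 500            /* degradation per SERVFAIL/REFUSED answer */
};

enum event { EV_OK, EV_SERVFAIL, EV_REFUSED, EV_TIMEOUT };

/* Simplified "before" model: any failure rcode is scored like a timeout,
 * so answers provoked through a bad delegation blacklist the server. */
static int score_before(int score, enum event ev, int rtt)
{
    (void)score;
    return ev == EV_OK ? rtt : SCORE_TIMEOUT;
}

/* "After" model: only a real timeout reaches SCORE_TIMEOUT; SERVFAIL and
 * REFUSED degrade the score and saturate at SCORE_BAD_CAP. */
static int score_after(int score, enum event ev, int rtt)
{
    if (ev == EV_OK)
        return rtt;
    if (ev == EV_TIMEOUT)
        return SCORE_TIMEOUT;
    int degraded = score + PENALTY;
    return degraded > SCORE_BAD_CAP ? SCORE_BAD_CAP : degraded;
}

static int is_blacklisted(int score) { return score >= SCORE_TIMEOUT; }

/* Apply n identical events (constructed input, RTT fixed at 20) to a policy. */
static int replay(int (*policy)(int, enum event, int), int score,
                  enum event ev, int n)
{
    while (n-- > 0)
        score = policy(score, ev, 20);
    return score;
}

int main(void)
{
    int before = replay(score_before, 20, EV_REFUSED, 10);
    int after  = replay(score_after, 20, EV_REFUSED, 10);
    printf("before: score=%d blacklisted=%d\n", before, is_blacklisted(before));
    printf("after:  score=%d blacklisted=%d\n", after, is_blacklisted(after));
    return 0;
}
```
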