( SzBlackY | 2020. 05. 11., h - 17:09 )

        * systemd-resolved now implements RFC5452 to improve resilience against
          cache poisoning. Additionally, source port randomization is enabled
          by default to further protect against DNS spoofing attacks.

(v.223 2015 júniusból https://github.com/systemd/systemd/blob/master/NEWS, egyébként a v. 217 volt az aktuális, amikor a fenti levelezés lement)

BlackY