![](https://seccdn.libravatar.org/avatar/bbb8bbe88d3c0ebe19dc932cfa0b693c.jpg?s=120&d=mm&r=g)
This is a lot like Sendmail, older versions sucked, so they did a rewrite/audit and secured it reasonably well. Things change.
http://www.isc.org/products/BIND/bind-security.html
So far (knock on wood) Bind 9.x hasn't had any serious security bugs.
Have you read DJB's comments?
Yes. And? His comments with regard to Postfix are incorrect (i.e. wrong) and seriously out of date. Have you read this: http://www.sigmasoft.com/~openbsd/archive/openbsd-ports/200108/msg00461.html It got bad enough that OpenBSD dropped his software from _ports_. Plus most of his software stagnates quite quickly, and he doesn't officially accept contributions, so you end up missing basic functionality that is addressed by third party (unaudited typically) patches. Anyways, I think that's enough of this.
Cheers Tobias
-Kurt