Don't log ACL mismatches of CNAME targets

[wtoorop]

This came from an e-mail to the nsd-users list.

If a CNAME is followed and it reaches a domain which as an allow-query list and the querier is blocked (because no ACL matches or by other reasons), do not log an message about the ACL not matching.

Is it desirable if no message is logged in such cases? Or is there still value in logging if CNAME targets do not match an ACL for a queries?