diff --git a/doc/Changelog b/doc/Changelog
index e2fc884a6..1a5847578 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,9 @@
+28 January 2011: Wouter
+	- Fix remove private address does not throw away entire response.
+
+24 January 2011: Wouter
+	- release 1.4.8
+
 19 January 2011: Wouter
 	- fix bug#349: no -L/usr for ldns.
 
diff --git a/iterator/iter_scrub.c b/iterator/iter_scrub.c
index 607d0a0d7..af4192267 100644
--- a/iterator/iter_scrub.c
+++ b/iterator/iter_scrub.c
@@ -643,9 +643,9 @@ scrub_sanitize(ldns_buffer* pkt, struct msg_parse* msg,
 		if( (rrset->type == LDNS_RR_TYPE_A || 
 			rrset->type == LDNS_RR_TYPE_AAAA) &&
 			priv_rrset_bad(ie->priv, pkt, rrset)) {
-			/* set servfail, so the classification becomes
-			 * THROWAWAY, instead of LAME or other unwanted */
-			FLAGS_SET_RCODE(msg->flags, LDNS_RCODE_SERVFAIL);
+
+			/* do not set servfail since this leads to too
+			 * many drops of other people using rfc1918 space */
 			remove_rrset("sanitize: removing public name with "
 				"private address", pkt, msg, prev, &rrset);
 			continue;