I assume you're being sarcastic. There is no good reason for anyone to be exposing Microsoft networking ports on the internet, unless you're a researcher running a honeypot. It's just a way for malware to get in.
But seriously, on principle I'd rather have unfiltered.
Breaking DNS standards is more significant though. Returning false results is much worse than filtering malicious packets.