With almost no resources affected by this denied DNS amplification, it is somewhat unnecessary to escalate things into IP banning via IPTABLES or Fail2Ban.
The problem in fact lies within SYSLOG, lots of garbage is filling up SYSLOG like this :
client @0x7f5e9801de60 74.58.217.180#743 (pizzaseo.com): query (cache) 'pizzaseo.com/RRSIG/IN' denied
Lots of them.
I have been able to prevent the garbage entering the logs by configuring :
1) go to /etc/rsyslog.d/
2) create a new conf file, e.g: vi /etc/rsyslog.d/11-exclude.conf
3) put this as content inside: :msg, contains, "pizzaseo.com" stop
You can also put any extra similar lines to put out any other garbage you dont want to see in SYSLOG (e.g PHP Session clean entry).
Now, either restart the SYSLOG or just restart your system. You now have cleaner version of SYSLOG.
Cheers