this creates a situation in which outgoing query passes, but incoming reply is blocked
That's what the XEP says.
However, ejabberd 2.1.5 and older have a bug: even if the active privacy list has a rule to deny incoming IQs, an incoming IQ reply (of type Result or Error) is allowed, not blocked.
I've fixeda this XEP incompliance in ejabberd git now.
the only outgoing stanza that can be blocked is presence.
Right. Notice that in XMPP, Message and IQ stanzas are always directed to a specific recipient, but Presence stanzas also allow broadcast. So, the client can already control destination of Message and IQ itself; and can control destination of Presence broadcast destination by setting privacy lists in his server.
But description of outgoing stanzas, does not specify the stanza type. Even the example 51 shows server's reaction to outgoing message, which, by protocol, cannot be blocked.
That allows to block all incoming and outgoing stanzas, of any type.
I've noticed ejabberd had a bug implementing that part of the XEP, and I've fixed in git now.
With the bug fixes I've committed to git, ejabberd is now better compliant with the XEP. If you try and find any remaining bug, please report. However, I guess that if you aren't satisfied by the XEP, you will still be dissatisfied with ejabberd.
Now I see that protocol described by XEP is ambiguous. ... I think the ticket is not strictly invalid, at least not until the protocol is clarified.
The XEP will not disambiguitate spontaneously, you will have to bring the topic to the "Standards" XMPP mailing list