There’s considerable precedent for seeding IP lists or using stealthy tactics (e.g. imagine how it’d be trying to block something which searches Google or Twitter, hits a random ad network).
Fair enough. On the other hand it can also prevent users from stumbling upon malware distribution sites by both blocking them directly and secondly blocking advertisements that often link to malware.
All of this of course is part of defense in depth, multiple layers of incomplete protection is better than nothing at all.
Oh definitely, I'm not saying that there's _no_ benefit — the key point is the distinction between something which you control to something you don't. DNS filtering is good for clients you control but it's important to understand that you can't force malware to use it to avoid accidentally thinking that you're protected against other threats (which I've heard various times from people who should know better but weren't thinking about it carefully in-depth at the time).