The sinkhole uses 3 public lists of known bad domains (Malware Domain Blocklist, Zeus Tracker, and SRI malware list).
A step-by-step guide is available here.
I will be waiting for other lists to be added, such as Phishtank, GoogleSafeBrowsing, XSSED, and others.
DNS can be used effectively to detect and prevent infection inside a network, for example by checking the cached entries on your DNS servers for bad hosts.
I do not know exactly whether vendors are implementing such DNS filtering in their products, maybe at the IPS level.
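The cache check mentioned above, as an added example (not part of the original post or of the sinkhole project): it matches a resolver cache dump against a domain blocklist by whole labels and also flags CNAME records that point into a blocked domain. The zone-file style dump format, the function names and all sample data are assumptions constructed for illustration.

```python
# Added example: flag resolver cache entries that match a domain blocklist.
BLOCKLIST_TEXT = """\
# constructed sample blocklist, one domain per line
bad-domain.example
malware.test
"""
CACHE_DUMP_TEXT = """\
; constructed sample cache dump: name TTL class type rdata
www.example.org.         300 IN A     192.0.2.10
cdn.bad-domain.example.  120 IN A     198.51.100.7
notbad-domain.example.   600 IN A     192.0.2.20
login.example.net.       60  IN CNAME c2.malware.test.
MALWARE.TEST.            900 IN NS    ns1.example.org.
"""

def normalize(name):
    """Lowercase and drop the trailing root dot so names compare equal."""
    return name.strip().lower().rstrip(".")

def load_blocklist(text):
    """Return the set of blocked domains, skipping blanks and # comments."""
    entries = (line.split("#", 1)[0].strip() for line in text.splitlines())
    return {normalize(entry) for entry in entries if entry}

def blocked_parent(name, blocklist):
    """Return the blocklist entry equal to name or a parent of it, else None."""
    labels = normalize(name).split(".")
    candidates = (".".join(labels[i:]) for i in range(len(labels)))
    return next((c for c in candidates if c in blocklist), None)

def scan_cache(dump_text, blocklist):
    """Return (owner, type, rdata, matched_domain) for each suspicious record."""
    hits = []
    for line in dump_text.splitlines():
        fields = line.split(";", 1)[0].split()
        if len(fields) < 5 or fields[2].upper() != "IN":
            continue
        owner, rtype, rdata = fields[0], fields[3].upper(), fields[4]
        match = blocked_parent(owner, blocklist)
        if match is None and rtype == "CNAME":
            # A clean-looking name can still alias into a blocked domain.
            match = blocked_parent(rdata, blocklist)
        if match:
            hits.append((normalize(owner), rtype, normalize(rdata), match))
    return hits

if __name__ == "__main__":
    for hit in scan_cache(CACHE_DUMP_TEXT, load_blocklist(BLOCKLIST_TEXT)):
        print(hit)
```

Matching on whole labels keeps `notbad-domain.example` from being reported just because it ends with the text of a blocked domain.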
Update:
Check this clarification on tracking the clients.
Update:
Here is an updated detailed paper from Guy Bruneau.