We've signed up for pDNS at work
Unfortunately you can only use it in public orgs (in my case, a council), but seems a good idea. You have to request your IP range to be whitelisted so you can use their servers are resolvers, and you get a "portal" which shows you reports of usage.
In theory it will then warn you if it sees too many requests for dodgy domains, and wierdly our org has gone from "green" status (no problems) to "orange" in the past few days, but annoyingly I can't find out what actually caused the state to change.....
You can also give them your website URLs and they will scan them for known vulnerabilities periodically, which is also useful.