Recursion question + trust?

jack brack jack.brack at inbox.com
Mon Mar 27 13:53:01 UTC 2006


It seems that the advice at the moment is to disable recursion to everyone apart from customers, the reasoning being that customers are trustworthy and won't poison or knowingly poison the DNS server.
Since this isn't true, I don't know what to do.

I read this on webhostingtalk:

"For example, I'm a spammer. I create a hostname for spam, something.myspam.tld.

After that, I query your DNS server to resolve the host something.myspam.tld. It resolves that host and stores the info in its cache. All further requests for that host do not result in propagated lookups but are answered by the server from its cache, until the expiration for the zone occurs.

After that, I set your DNS server as the authoritative server for my zone with the domain registrar.

After that, I start sending spam.

Now, you are screwed because it looks as if your DNS server is being used for spam. "


If this is true, how can I possibly guard against it (without allowing customers to poison the DNS)?
What do (or maybe "should" is a better word) big ISPs do?
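What the "recursion only for customers" advice looks like in a BIND 9 named.conf, as an added example that is not part of the original post or thread; the `customers` ACL name and the address ranges in it are placeholders.

```conf
// Added example, not from the original post. Replace the placeholder
// ranges in the "customers" ACL with your own customer prefixes.

acl customers {
    localhost;
    203.0.113.0/24;   // placeholder customer range (TEST-NET-3)
    198.51.100.0/24;  // placeholder customer range (TEST-NET-2)
};

// Weak setting: recursion is on and nothing limits who may use it, so
// the server is an open resolver and anyone can read its cache.
// options {
//     recursion yes;
// };

// Restricted setting: only customers may recurse or read cached
// answers; everyone else is refused recursion but can still query
// the zones this server is genuinely authoritative for.
options {
    recursion yes;
    allow-recursion { customers; };
    allow-query-cache { customers; };   // BIND 9.4 and later
    allow-query { any; };               // authoritative zones stay public
};

// A zone this server actually hosts is answered to anyone, regardless
// of the recursion and cache ACLs above.
zone "example.com" {
    type master;
    file "example.com.zone";
};
```

A zone that a third party points at this server at the registrar, without the zone being configured here, gets no authoritative answer from it, and with the cache ACL in place non-customers cannot pull cached records either.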



More information about the bind-users mailing list