This would only work for centralized command and control mechanisms. More sophisticated bots use decentralized p2p type communication, as was with the storm worm last year. Conflicker uses a built in mechanism to generate new domains to contact each day, and while security firms are deploying blacklists based on the generator code, it could easily be changed in a new variant. This is of course not taking into account the difficulty one would have in getting ISP's to maintain a list of blacklisted domains that changes day to day.