We have a list of web sites we'd like to prohibit users from accessing via DNS/BIND.

One solution would be to add a zone for each address and point it to the loopback address.

I've also seen the blackhole option, but that appears to need IP addresses, not urls. Is that accurate?

Is there a faster way to do this than to create a zone for each url? We can't use IP addresses because the IP addresses frequently change for the urls.

Thank you.