plumsauce - 5:37 am on Apr 17, 2006 (gmt 0)

Who should this topic be addressed to?

The dns administrators of the isp's of your potential visitor, eg. AOL. Who *have* to at least some recursive behaviour on their caching dns servers or your visitor's could not reach your site to begin with. This is why split dns is used.

What happens if the site's own name servers allow for recursion (for non-authoritative DNS queries)

In the usual configuration, then they can actually send outbound email, resolve inbound smtp connections to do various spam checks, connect to upstream data sources, lots of useful stuff.

The *only* risk is that *your* dns server aids and abets the exploit of *another* domain. I'll assume that it is not a risk that most should worry about? And again, if not, who should be worrying about it?

Not in the context of being a web host. Furthermore, a dns server that is configured to prevent cache poisoning obviates any concerns. That should encompass any recent dns server run by a competent dns admin. Not admin, but dns admin.