Yep, that's a loophole in my current method. However, at least at the moment, I have not seen this behavior, and the added queries to check against this loophole would make the DNSBL more invasive to WHOIS servers, like you say.
One way I justified that it's not as important to re-check expired and re-registered domains is similar to the reason why spammers seem to want "fresh" domains. All this spam that is being sent out is, eventually, over the course of a few days/a week, resulting in many URIBLs and other domain-reputation-based lists catching them. Even if still whitelisted against my DNSBL, it would be more likely that some other block list WOULD have them blacklisted still. Similar to how people inherit IP reputation of the previous owner, I imagine/hope that the domains would retain their poor reputation and hopefully be considered useless to spammers.
You are correct on the potential for legitimate/good reputation domains expiring and then being abused by spammers. At the outset, I think my response to that would be that attempting to be that "aggressive" in response with the added WHOIS queries needed would be beyond the scope of this DNSBL. Spamming WHOIS servers is not something I want to intentionally do.
I could be wrong. But, you never know. If this DNSBL becomes reasonably popular, circumventing it may eventually be worth the effort.