If I ssh to a domain provided by dyndns, does my password go through them?
Solution 1:
ssh is asking again; just because you connected to a host doesn't mean you trust that host to be the real something.there.foo.
You can compare the fingerprints to check they are indeed the same host:
diff -u <(ssh-keygen -F something.there.foo -l) <(ssh-keygen -F xx.xx.xx.xx -l)
There are ways to put the key fingerprint in DNS, but without DNSSEC security won't increase much.
Once you have connected to the host you can trust ssh to warn you if it changes.
Solution 2:
If you haven't accessed the server via something.there.foo, it will ask even if you've accessed the same server via other methods (ip address or alternate domain).
Solution 3:
You aren't sending through their servers. The reason for the alert is the domain/ip isn't dns reversible. Which means when you dns the ip it does not come out as something.there.foo.