@Dashrender Then you just block those domains and/or IP addresses as well as port 853 (DNS-over-TLS) and 784 (DNS-over-QUIC)
Cloudflare: https://developers.cloudflare.com/1.1.1.1/dns-over-https/cloudflared-proxy
Google: https://developers.google.com/speed/public-dns/docs/doh
Quad 9: https://www.quad9.net/doh-quad9-dns-servers/
Browsers fall back to regular DNS when DOH, etc are blocked.
Interesting Read Here: https://www.zdnet.com/article/dns-over-https-causes-more-problems-than-it-solves-experts-say/