I see way too many people asking around about DNS redirects recently. Those people are exactly the reason why I think #DoH is the right approach.
This means whatever "regular" DNS sever you set in your configs, will be ignored. Except you use DoH and this way bypass their #firewall and verify the resolver.
DoT can run on port 443 though
@cuniculus True, but I'm a fan of well-known ports
The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!