I see way too many people asking around about DNS redirects recently. Those people are exactly the reason why I think #DoH is the right approach.
Regular setup: "I want to redirect all #DNS requests to my local DNS resolver and block #DoT" -> Results in ugly firewall rules to redirect DNS traffic on port 53 and blocks 853.
This means whatever "regular" DNS sever you set in your configs, will be ignored. Except you use DoH and this way bypass their #firewall and verify the resolver.