[k4ch0w]

Well, allowlist to a known DNS server and block anything on DNS that isn't allowlisted.

[ignoramous]

The exfiltrated data isn't for DNS resolvers but is leaked to Nameservers through them.

A similar technique forms the basis of how services like dnsleaktest.com and which.nameserve.rs identify DNS resolvers in-use by a particular client.