@luc Many people wrongly believe they can prevent sharing with third parties through filtering on the client side. That won't work if you're letting them connect to anything else, especially their own services directly.
There are also many apps using DNS itself as a 2-way communication system. DNS resolution itself allows communicating to the nameservers for a service through your DNS resolver server. It's a full blown 2 way communication system. Can include a random value to bypass caching.