Allow query to specific domain once per hour

You could get close using Groups and the commands to automate turning groups on and off. Something like this post for automating blacklist entries. In your case you can automate whitelist entries for the devices since whitelisted entries take priority, ensuring that your devices can reach their domains even if blocked by an adlist.

You could toggle the whitelist on for say, 5 minutes an hour and then back off again. If the devices are trying aggressively, this will be the same as letting them through at least once, since they will be trying during their 5 min window and get through then.

  • In Groups create a new group called IoT
  • In Domains create new whitelist rules for all the domains needed. You can add comments so you can remember what these are for.
  • Edit the group for all of these rules so that they are in just the new IoT group (no longer in Default)
  • In Clients find your IoT devices and click Add and change their group so they are in both the Default and the IoT groups

If the IoT group is turned off the devices will act as they do now and be subject to the Default group. If the IoT group is turned on the devices will have the selected domains whitelisted, while still having all the normal blocking from the Default group.

Test it manually to see if it's working as expected. If you toggle the IoT group on for 5 mins then turn off, are they happy?

To automate this you can use cron to turn the IoT group on once per hour for 5 mins. Open crontab for editing:

crontab -e

Paste in the entries below to enable the IoT group on the hour and disable it at 5 mins past the hour.

# cron runs these lines with /bin/sh, so use the POSIX redirection form rather than bash's &>
#Enable IoT on the hour:
0 * * * *  sudo sqlite3 /etc/pihole/gravity.db "update 'group' set 'enabled'=1 where name='IoT';"; /usr/local/bin/pihole restartdns reload-lists >/dev/null 2>&1
#Disable IoT at 5 mins past the hour:
5 * * * *  sudo sqlite3 /etc/pihole/gravity.db "update 'group' set 'enabled'=0 where name='IoT';"; /usr/local/bin/pihole restartdns reload-lists >/dev/null 2>&1

Save your edits and quit the editor. Now the IoT group will be turned on and off automatically. You will be able to see from your Query Log and the device's CPU usage how they are responding to the tests. It would be interesting to know how it works out.

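The two cron lines in the post above depend on the second job running, and a typo in the group name makes the UPDATE match nothing without any error. The following is an added example, not part of the original post or of Pi-hole: a single wrapper that opens the window, always closes it again, and fails loudly when the group name matches no row. It assumes it runs from root's crontab, and the function names `set_group`, `window` and `reload_pihole` are made up for this illustration.

```python
import sqlite3
import subprocess
import sys
import time
from contextlib import contextmanager

GRAVITY_DB = "/etc/pihole/gravity.db"  # path used in the post
RELOAD_CMD = ["/usr/local/bin/pihole", "restartdns", "reload-lists"]  # command from the post


def set_group(db_path, name, enabled):
    """Set "group".enabled for exactly one group and return the stored state."""
    con = sqlite3.connect(db_path)
    try:
        with con:  # commits on success, rolls back if we raise
            cur = con.execute(
                'UPDATE "group" SET enabled = ? WHERE name = ?',
                (1 if enabled else 0, name),
            )
            if cur.rowcount != 1:  # a misspelled group name would otherwise pass silently
                raise LookupError(f"expected 1 group named {name!r}, matched {cur.rowcount}")
        row = con.execute('SELECT enabled FROM "group" WHERE name = ?', (name,)).fetchone()
        return bool(row[0])
    finally:
        con.close()


@contextmanager
def window(db_path, name, reload=lambda: None):
    """Enable the group, then always disable it again, even if the body or reload fails."""
    set_group(db_path, name, True)
    try:
        reload()
        yield
    finally:
        set_group(db_path, name, False)
        reload()


def reload_pihole():
    subprocess.run(RELOAD_CMD, check=True, stdout=subprocess.DEVNULL)


if __name__ == "__main__":
    minutes = float(sys.argv[1]) if len(sys.argv) > 1 else 5  # window length, default 5 min
    with window(GRAVITY_DB, "IoT", reload_pihole):
        time.sleep(minutes * 60)
```

With this script, one hourly cron entry replaces the enable and disable pair, and a non-zero exit shows up in cron's mail or log if the group is missing.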