Block domains that resolve to malicious IPs like Control D

Hi folks,

Control D guy here, someone linked me to this thread. Funny enough, your thread (pihole-FTL: block IP's from lists) was the reason why we added this feature.

Is it bulletproof, and does it prevent malicious software running on your network from resolving malicious domains that point to bad IPs, through a hardcoded resolver/DoH? Nope, but the same is true for "malware domain" blocklists most people run on their Pi-Hole. To us, it just seemed like a no-brainer addition that takes advantage of many existing IP threat intelligence feeds. Can you bet your life on it? Absolutely not. Is it still useful? We thought so.

Mind you, there IS a performance hit if you need to parse the A/AAAA records against IP blocklists (especially if they're in CIDR notation since this is not an O(1) lookup), but the difference is ~1ms, so we felt it was worth it.

3 Likes
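A sketch of the check the post describes, added here as an illustration and not taken from Control D or Pi-hole: A/AAAA answers are matched against an IP blocklist, with single addresses in a hash set and CIDR ranges bucketed by prefix length, so a lookup costs one hash probe per distinct prefix length instead of a scan over every range. The names `IPBlocklist` and `filter_answers` are hypothetical, and the blocklist entries and answers are constructed from documentation address ranges.

```python
import ipaddress
from collections import defaultdict

class IPBlocklist:
    """Single IPs in a set (O(1)); CIDR ranges keyed by (version, prefix length)."""
    def __init__(self, entries):
        self.exact = set()
        self.nets = defaultdict(dict)   # (version, prefixlen) -> {network int: "cidr"}
        for entry in entries:
            net = ipaddress.ip_network(entry.strip(), strict=False)
            if net.prefixlen == net.max_prefixlen:
                self.exact.add(net.network_address)
            else:
                key = (net.version, net.prefixlen)
                self.nets[key][int(net.network_address)] = str(net)

    def match(self, addr):
        """Return the matching blocklist entry as a string, or None."""
        ip = ipaddress.ip_address(addr)
        # An AAAA answer may carry an IPv4-mapped address (::ffff:a.b.c.d);
        # check it against the IPv4 entries as well.
        mapped = getattr(ip, "ipv4_mapped", None)
        if mapped is not None:
            hit = self.match(str(mapped))
            if hit:
                return hit
        if ip in self.exact:
            return str(ip)
        for (version, plen), bases in self.nets.items():
            if version != ip.version:
                continue
            shift = ip.max_prefixlen - plen
            base = (int(ip) >> shift) << shift   # mask off the host bits
            if base in bases:
                return bases[base]
        return None

def filter_answers(qname, answers, blocklist):
    """answers: list of (rtype, rdata). Block if any A/AAAA rdata is listed."""
    for rtype, rdata in answers:
        if rtype in ("A", "AAAA"):
            hit = blocklist.match(rdata)
            if hit:
                return ("block", f"{qname} -> {rdata} matches {hit}")
    return ("allow", None)

# Constructed sample data (RFC 5737 / RFC 3849 documentation ranges).
SAMPLE = IPBlocklist(["192.0.2.0/24", "198.51.100.7", "2001:db8:bad::/48"])

if __name__ == "__main__":
    print(filter_answers("cdn.example", [("CNAME", "edge.example"), ("A", "192.0.2.55")], SAMPLE))
    print(filter_answers("ok.example", [("A", "203.0.113.10")], SAMPLE))
```
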