I have whitelisted them, but the issue is still here. After doing some investigation, I think the reason is that the response to the first DNS request asks my client to go through TCP instead of UDP, and then it times out.
I tried denying TCP/53 on my Pi-hole, but then I just get a "system error" quickly; it doesn't solve the issue.
I did some investigation to give you more information.
I realized that sometimes it works and sometimes (the vast majority of the time) it does not.
I ran multiple packet captures and figured out that, using Pi-hole as my DNS server, it always works when my client is requesting DNS over UDP.
I also realized that, using Pi-hole, it always fails when my client requests DNS over UDP and then over TCP (initiating a DNS request to Pi-hole, destination port 53 in TCP).
This results in a very long timeout, or an instant "system error" if I put in an iptables rule to deny TCP/53.
Now the question is why sometimes my requests go through UDP only and why sometimes they go through UDP and then TCP.
My guess is that I am very close to 512 bytes on the response side, and depending on the server Outlook gives me, the list is not always the same.
Screenshot of a non-working response (working, but one where my client tries to initiate DNS over TCP/53 to Pi-hole straight after receiving it; it is a little bit bigger than the first one):
Are you sure the issue is with TCP/UDP?
Try netstat -lpn | grep dnsmasq
Is it running on UDP and TCP?
You would expect more issues then, in my opinion.
Is it not some other domains blocked in Pi-hole?
This is a list of domains that should be open.
Thanks for your reply. I have doubts, as I am only using Office 365 through IMAP and SMTP.
So I am only using outlook.office365.com and smtp.outlook.office365.com, and I don't think I would require anything else.
Sometimes it works, sometimes it does not, and when it does not I realized that the response is different and bigger, and so my client tries to issue another request over TCP.
BTW, I have whitelisted the entire office365.com domain.
Thanks everyone, I found the issue!
Simply, my iptables rules on my server did not allow OUTPUT to TCP/53!
So I was right that the request/response was too large and so the client was trying TCP instead of UDP, but my Pi-hole server simply did not forward it, as iptables was blocking it!
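The mechanism behind this thread, as an added example that is not part of the original posts or of Pi-hole's own code: a DNS answer that does not fit in a 512-byte UDP payload comes back with the TC (truncated) bit set and no answer records, and the client is expected to repeat the same query over TCP/53. If TCP/53 is blocked by a firewall rule, that retry is exactly what fails. The code below builds RFC 1035 wire-format messages by hand and simulates an upstream server that truncates over UDP; the resolver, the 192.0.2.x addresses and the 32-record answer are constructed for the demonstration and are not real Office 365 data.

```python
"""Why a large DNS answer forces a TCP retry (added example, constructed data)."""
import struct

UDP_MAX = 512  # classic DNS-over-UDP payload limit without EDNS


def encode_name(name):
    # "outlook.office365.com" -> b"\x07outlook\x09office365\x03com\x00"
    labels = name.rstrip(".").split(".")
    return b"".join(bytes([len(l)]) + l.encode() for l in labels) + b"\x00"


def build_query(name, txid=0x1234, qtype=1):
    # Header: id, flags (RD=1), qdcount=1, ancount/nscount/arcount=0; then one question
    hdr = struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0)
    return hdr + encode_name(name) + struct.pack("!HH", qtype, 1)


def parse_header(msg):
    txid, flags, qd, an, ns, ar = struct.unpack("!HHHHHH", msg[:12])
    return {"id": txid, "qr": bool(flags & 0x8000), "tc": bool(flags & 0x0200),
            "rcode": flags & 0x000F, "qdcount": qd, "ancount": an}


def skip_name(msg, off):
    # Advance past a name that is either a label sequence or a compression pointer
    while True:
        length = msg[off]
        if length == 0:
            return off + 1
        if length & 0xC0 == 0xC0:
            return off + 2
        off += 1 + length


def parse_a_records(msg, ancount):
    off = skip_name(msg, 12) + 4  # past the question name, qtype and qclass
    out = []
    for _ in range(ancount):
        off = skip_name(msg, off)
        rtype, rclass, ttl, rdlen = struct.unpack("!HHIH", msg[off:off + 10])
        off += 10
        if rtype == 1 and rdlen == 4:
            out.append(".".join(str(b) for b in msg[off:off + 4]))
        off += rdlen
    return out


def build_answer(query, addrs, max_size=None):
    """Answer `query` with one A record per address. When max_size is set (the
    UDP case) and the full answer would exceed it, return header+question only
    with TC=1 and ancount=0, which is how a resolver signals truncation."""
    txid = struct.unpack("!H", query[:2])[0]
    question = query[12:]  # our constructed query carries exactly one question
    rrs = b""
    for ip in addrs:
        # name = pointer to offset 12, type A, class IN, ttl 60, rdlength 4, rdata
        rrs += b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4)
        rrs += bytes(int(o) for o in ip.split("."))
    full = struct.pack("!HHHHHH", txid, 0x8180, 1, len(addrs), 0, 0) + question + rrs
    if max_size is not None and len(full) > max_size:
        return struct.pack("!HHHHHH", txid, 0x8380, 1, 0, 0, 0) + question  # QR|TC|RD|RA
    return full


class FakeUpstream:
    """Stand-in for Pi-hole/upstream: hypothetical, answers from a fixed list."""
    def __init__(self, addrs):
        self.addrs = addrs

    def udp(self, query):
        return build_answer(query, self.addrs, max_size=UDP_MAX)

    def tcp(self, query):
        ans = build_answer(query, self.addrs)          # no size limit over TCP
        return struct.pack("!H", len(ans)) + ans       # TCP DNS is length-prefixed


class TcpBlocked(Exception):
    """Raised when the TC retry cannot go out, e.g. iptables drops OUTPUT tcp/53."""


def resolve(name, upstream, tcp_allowed=True):
    """Client behaviour: query over UDP, retry over TCP when TC is set.
    Returns (transport_used, list_of_A_records)."""
    query = build_query(name)
    resp = upstream.udp(query)
    hdr = parse_header(resp)
    if hdr["id"] != 0x1234 or not hdr["qr"]:
        raise ValueError("response does not match our query")
    if not hdr["tc"]:
        return "udp", parse_a_records(resp, hdr["ancount"])
    if not tcp_allowed:
        raise TcpBlocked("answer truncated over UDP and TCP/53 is blocked")
    framed = upstream.tcp(query)
    (length,) = struct.unpack("!H", framed[:2])
    resp = framed[2:2 + length]
    return "tcp", parse_a_records(resp, parse_header(resp)["ancount"])
```

With two A records the answer is 71 bytes and is served over UDP; with 32 records it is 551 bytes, the UDP reply comes back with TC set and no records, and `resolve` only succeeds when the TCP retry is allowed. On a real box you can see the same flag with `dig +notcp` (look for `flags: ... tc`) and compare with `dig +tcp`. The fix the thread arrived at, in iptables terms, is an outbound rule on the Pi-hole host of the form `iptables -A OUTPUT -p tcp --dport 53 -j ACCEPT` (exact rule placement depends on the existing chain policy).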