Windows 10 now tunnelling DNS via port 443 - why?

My UTM is generating huge log files showing my Windows machines attempting to send DNS traffic to Microsoft.
This looks like spying and should be illegal. Can anyone help me stop this nonsense or explain why I should allow it?


    Sophos UTM 9 does not support DNS over HTTPS or DNS over TLS yet. Any traffic going out on TCP ports 80 and 443 will be intercepted by the Web Proxy if you've set it up in transparent mode. If you've set up Standard mode proxy, you should be able to send this traffic directly out without sending it to the UTM Proxy.

    In case you want your Windows machine to stop this traffic, the best way would be to identify the application which does it and stop it.
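
One way to do the identification step suggested in the reply above (an added example, not part of the original thread): this PowerShell snippet lists a machine's outbound TCP 443 connections together with the owning process and any Windows services hosted in that process. `$LoggedDestinations` is a placeholder for destination addresses copied from your own UTM log; leave it empty to list every port 443 connection.

```powershell
# Added example: map outbound TCP 443 connections to the process that owns them.
# Placeholder: fill in destination IPs taken from the UTM log, or leave empty for all.
$LoggedDestinations = @()

# Active or in-progress connections to remote port 443
$connections = Get-NetTCPConnection -RemotePort 443 -State Established, SynSent `
    -ErrorAction SilentlyContinue

if ($LoggedDestinations.Count -gt 0) {
    $connections = $connections |
        Where-Object { $LoggedDestinations -contains $_.RemoteAddress }
}

# Many Windows components run as services inside shared svchost.exe processes,
# so build a PID -> service names lookup to see what is behind each svchost.
$servicesByPid = @{}
Get-CimInstance -ClassName Win32_Service |
    Where-Object { $_.ProcessId -ne 0 } |
    ForEach-Object { $servicesByPid[[int]$_.ProcessId] += @($_.Name) }

$connections | ForEach-Object {
    $procId = [int]$_.OwningProcess
    $proc   = Get-Process -Id $procId -ErrorAction SilentlyContinue
    [pscustomobject]@{
        RemoteAddress = $_.RemoteAddress
        State         = $_.State
        PID           = $procId
        Process       = $proc.ProcessName
        Path          = $proc.Path
        Services      = ($servicesByPid[$procId] -join ', ')
    }
} | Sort-Object Process, RemoteAddress -Unique | Format-Table -AutoSize
```

Run it from an elevated prompt while the traffic is appearing in the UTM log; without elevation the `Path` column is empty for processes owned by other accounts.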