The most censorship resistant method is to CDN whatever DNS or proxy you use.
The censor can block individual VPS, but they cannot afford to block CDN.

Your method won't work if they redirect port 53. Reason is root server / authoritative server lookup only works on plaintext DNS.
Celcom is using this exact method of blocking. However you can still bypass it by telling your recursive resolver to use TCP.

It is not authenticated / encrypted and I no longer recommend this. I see no benefit of running a recursive resolver other than for lab purpose. You can find many third party resolver with QNAME Minimization.
Resolver logging you is a question but ISP snooping and tampering with your DNS query is now happening.