Tails uses one DNS server from OpenDNS.

What prevents a malicious party from signing up exit nodes at OpenDNS and logging traffic, blocking content, and/or redirecting traffic?

Please consider switching Tails' DNS to another provider in addition to adding more than one DNS IP, some service where nobody can sign up anonymously and possibly perform MITM attacks via DNS.

One reference:

https://lists.torproject.org/pipermail/tor-talk/2012-February/023272.html

"Single point of failure, OpenDNS could be forced to redirect DNS
requests for some unwanted websites to a trap. This means it should not be
used as a 100% DNS replacement for Tor."