Hi, as I googled around there is no way to filter DNS requests (and allow only some sites) from Mikrotik OS itself, so I guess it's needed an external device. I've read about using a Raspberry with OpenDNS, but I'm looking for something more reliable, if possibile. May you suggest me something please?

My goal is to reduce available domains for the workstations, users should be allowed to open only gmail and few working sites, I need a device where I will populate a white list and that can report me all the ignored access, to solve eventually troubles.
Thank you a lot!

Depending on how big the list is, you could set the Mikrotik router as the DNS server, not allow it to make outbound requests and set a static list of allowed domains and IPs in the Mikrotik.

Expect a lot of stuff to break or only partially work as the domains you need for normal browsing to a few "allowed" sites is normally much bigger than you'd expect.

You'd probably want to filter DNS requests to other public DNS servers too, although DoH is likely to make this difficult.