diff --git a/app/proxyman/outbound/handler.go b/app/proxyman/outbound/handler.go
index e588d1c1..2b9b0c2b 100644
--- a/app/proxyman/outbound/handler.go
+++ b/app/proxyman/outbound/handler.go
@@ -267,11 +267,14 @@ func (h *Handler) DestIpAddress() net.IP {
 	return internet.DestIpAddress()
 }
 
-func (h *Handler) SocketSettings() *internet.SocketConfig {
-	if h.streamSettings == nil {
-		return nil
+func (h *Handler) ResolveStrategy() internet.DomainStrategy {
+	if h.senderSettings != nil && h.senderSettings.TargetStrategy.HasStrategy() {
+		return h.senderSettings.TargetStrategy
 	}
-	return h.streamSettings.SocketSettings
+	if h.streamSettings != nil && h.streamSettings.SocketSettings != nil {
+		return h.streamSettings.SocketSettings.DomainStrategy
+	}
+	return internet.DomainStrategy_AS_IS
 }
 
 func (h *Handler) UsesProxySettings() bool {
diff --git a/infra/conf/xray.go b/infra/conf/xray.go
index 24236624..efb9aa28 100644
--- a/infra/conf/xray.go
+++ b/infra/conf/xray.go
@@ -330,16 +330,19 @@ func (c *OutboundDetourConfig) Build() (*core.OutboundHandlerConfig, error) {
 	}
 
 	if fc, ok := ts.(*freedom.Config); ok && fc.DomainStrategy != internet.DomainStrategy_AS_IS {
-		errors.PrintDeprecatedFeatureWarning("freedom.domainStrategy", "streamSettings.sockopt.domainStrategy")
-		if senderSettings.StreamSettings == nil {
-			senderSettings.StreamSettings = &internet.StreamConfig{}
-		}
-		if senderSettings.StreamSettings.SocketSettings == nil {
-			senderSettings.StreamSettings.SocketSettings = &internet.SocketConfig{}
-		}
-		senderSettings.StreamSettings.SocketSettings.DomainStrategy = fc.DomainStrategy
+		errors.PrintDeprecatedFeatureWarning("freedom.domainStrategy", "sockopt.domainStrategy or targetStrategy")
 		if c.ProxySettings != nil && !c.ProxySettings.TransportLayerProxy {
-			errors.LogWarning(context.Background(), `The deprecated "freedom" outbound "domainStrategy" cannot be migrated correctly when "proxySettings.transportLayer" is false. Please update your config(s); the current combination is misconfigured.`)
+			if senderSettings.TargetStrategy == internet.DomainStrategy_AS_IS {
+				senderSettings.TargetStrategy = fc.DomainStrategy
+			}
+		} else {
+			if senderSettings.StreamSettings == nil {
+				senderSettings.StreamSettings = &internet.StreamConfig{}
+			}
+			if senderSettings.StreamSettings.SocketSettings == nil {
+				senderSettings.StreamSettings.SocketSettings = &internet.SocketConfig{}
+			}
+			senderSettings.StreamSettings.SocketSettings.DomainStrategy = fc.DomainStrategy
 		}
 	}
 
@@ -351,21 +354,41 @@ func (c *OutboundDetourConfig) Build() (*core.OutboundHandlerConfig, error) {
 			senderSettings.StreamSettings.SocketSettings = &internet.SocketConfig{}
 		}
 		if fc.PrivacyGuard == nil {
-			if senderSettings.StreamSettings.SocketSettings.DomainStrategy == internet.DomainStrategy_AS_IS {
-				senderSettings.StreamSettings.SocketSettings.DomainStrategy = internet.DomainStrategy_USE_IP46
+			if c.ProxySettings != nil && !c.ProxySettings.TransportLayerProxy {
+				if senderSettings.TargetStrategy == internet.DomainStrategy_AS_IS {
+					senderSettings.TargetStrategy = internet.DomainStrategy_USE_IP46
+				}
+			} else {
+				if senderSettings.TargetStrategy == internet.DomainStrategy_AS_IS &&
+					senderSettings.StreamSettings.SocketSettings.DomainStrategy == internet.DomainStrategy_AS_IS {
+					senderSettings.StreamSettings.SocketSettings.DomainStrategy = internet.DomainStrategy_USE_IP46
+				}
 			}
 		} else if *fc.PrivacyGuard {
-			if senderSettings.StreamSettings.SocketSettings.DomainStrategy != internet.DomainStrategy_USE_IP4 &&
-				senderSettings.StreamSettings.SocketSettings.DomainStrategy != internet.DomainStrategy_USE_IP46 &&
-				senderSettings.StreamSettings.SocketSettings.DomainStrategy != internet.DomainStrategy_FORCE_IP4 &&
-				senderSettings.StreamSettings.SocketSettings.DomainStrategy != internet.DomainStrategy_FORCE_IP46 {
-				if senderSettings.StreamSettings.SocketSettings.DomainStrategy != internet.DomainStrategy_AS_IS {
-					errors.LogWarning(context.Background(), `The "freedom" outbound "privacyGuard" overrides the existing "streamSettings.sockopt.domainStrategy". Please update your config(s) if this is unintended.`)
-				}
-				senderSettings.StreamSettings.SocketSettings.DomainStrategy = internet.DomainStrategy_USE_IP46
-			}
 			if c.ProxySettings != nil && !c.ProxySettings.TransportLayerProxy {
-				errors.LogWarning(context.Background(), `The "freedom" outbound "privacyGuard" cannot be applied correctly when "proxySettings.transportLayer" is false. Please update your config(s); the current combination is misconfigured.`)
+				if senderSettings.TargetStrategy != internet.DomainStrategy_USE_IP4 &&
+					senderSettings.TargetStrategy != internet.DomainStrategy_USE_IP46 &&
+					senderSettings.TargetStrategy != internet.DomainStrategy_FORCE_IP4 &&
+					senderSettings.TargetStrategy != internet.DomainStrategy_FORCE_IP46 {
+					if senderSettings.TargetStrategy != internet.DomainStrategy_AS_IS {
+						errors.LogWarning(context.Background(), `The "freedom" outbound "privacyGuard" overrides the existing "targetStrategy". Please update your config(s) if this is unintended.`)
+					}
+					senderSettings.TargetStrategy = internet.DomainStrategy_USE_IP46
+				}
+			} else {
+				if senderSettings.StreamSettings.SocketSettings.DomainStrategy != internet.DomainStrategy_USE_IP4 &&
+					senderSettings.StreamSettings.SocketSettings.DomainStrategy != internet.DomainStrategy_USE_IP46 &&
+					senderSettings.StreamSettings.SocketSettings.DomainStrategy != internet.DomainStrategy_FORCE_IP4 &&
+					senderSettings.StreamSettings.SocketSettings.DomainStrategy != internet.DomainStrategy_FORCE_IP46 {
+					if senderSettings.StreamSettings.SocketSettings.DomainStrategy != internet.DomainStrategy_AS_IS {
+						errors.LogWarning(context.Background(), `The "freedom" outbound "privacyGuard" overrides the existing "streamSettings.sockopt.domainStrategy". Please update your config(s) if this is unintended.`)
+					}
+					senderSettings.StreamSettings.SocketSettings.DomainStrategy = internet.DomainStrategy_USE_IP46
+				}
+				if senderSettings.TargetStrategy != internet.DomainStrategy_AS_IS {
+					errors.LogWarning(context.Background(), `The "freedom" outbound "privacyGuard" overrides the existing "targetStrategy". Please update your config(s) if this is unintended.`)
+					senderSettings.TargetStrategy = internet.DomainStrategy_AS_IS
+				}
 			}
 		}
 	}
diff --git a/proxy/freedom/freedom.go b/proxy/freedom/freedom.go
index 58cdc91b..52b75bfe 100644
--- a/proxy/freedom/freedom.go
+++ b/proxy/freedom/freedom.go
@@ -38,10 +38,8 @@ var defaultBlockAllRule *FinalRule
 func init() {
 	common.Must(common.RegisterConfig((*Config)(nil), func(ctx context.Context, config interface{}) (interface{}, error) {
 		h := new(Handler)
-		if handler, ok := session.FullHandlerFromContext(ctx).(handlerWithSocketSettings); ok {
-			if sockopt := handler.SocketSettings(); sockopt != nil {
-				h.socketStrategy = sockopt.DomainStrategy
-			}
+		if handler, ok := session.FullHandlerFromContext(ctx).(handlerWithResolveStrategy); ok {
+			h.resolveStrategy = handler.ResolveStrategy()
 		}
 		if handler, ok := session.FullHandlerFromContext(ctx).(handlerWithProxySettings); ok {
 			h.usesProxySettings = handler.UsesProxySettings()
@@ -96,8 +94,8 @@ func init() {
 	}
 }
 
-type handlerWithSocketSettings interface {
-	SocketSettings() *internet.SocketConfig
+type handlerWithResolveStrategy interface {
+	ResolveStrategy() internet.DomainStrategy
 }
 
 type handlerWithProxySettings interface {
@@ -117,7 +115,7 @@ type Handler struct {
 	policyManager     policy.Manager
 	config            *Config
 	finalRules        []*FinalRule
-	socketStrategy    internet.DomainStrategy
+	resolveStrategy   internet.DomainStrategy
 	usesProxySettings bool
 }
 
@@ -307,7 +305,7 @@ func (h *Handler) Process(ctx context.Context, link *transport.Link, dialer inte
 
 		if dialDest.Address.Family().IsDomain() {
 			if defaultRule != nil || len(h.finalRules) > 0 {
-				if strategy := h.socketStrategy; strategy.HasStrategy() {
+				if strategy := h.resolveStrategy; strategy.HasStrategy() {
 					ips, err := internet.LookupForIP(dialDest.Address.Domain(), strategy, outGateway)
 					if err != nil { // SRV/TXT
 						errors.LogInfoInner(ctx, err, "failed to get IP address for domain ", dialDest.Address.Domain())
@@ -617,7 +615,7 @@ func (w *PacketWriter) WriteMultiBuffer(mb buf.MultiBuffer) error {
 					b.UDP.Address = ip
 				} else {
 					shouldUseSystemResolver := true
-					if strategy := w.Handler.socketStrategy; strategy.HasStrategy() {
+					if strategy := w.Handler.resolveStrategy; strategy.HasStrategy() {
 						ips, err := internet.LookupForIP(b.UDP.Address.Domain(), strategy, w.OutGateway)
 						if err != nil {
 							// drop packet if resolve failed when forceIP