Matrix packets are encrypted at the application-level of the OSI model. Deep packet inspection relies on inspecting all of the other data about the traffic and using it to block/terminate your connection:
Isn't Matrix protocol basically JSON-over-HTTPS? After TLS connection is negotiated, nodes in the middle have no idea what's going across the wire.
E2E encryption simply means that not even Matrix servers can decrypt messages.
Sure, you can track connections to existing, well known Matrix servers and act as a HTTPS client to figure out if a server is a Matrix server, but you can make it appear as any web server I guess.
You'd probably need to make it not respond to Matrix requests from unknown peers if you want to hide it, so you are right that one could easily block most of publicly accessible Matrix network for sure.
If there are identifying bits there, that's likely a bug in encryption.