I'm attempting to block serveral diffrent instant messenger progs. using IPSEC policies. Most have gone down without too much trouble. The exception is Yahoo Messenger. I've found at least 50 diffrent ip address for logon servers and no matter how many I block it just finds a new one. It's drivin me nuts. They all have a common part of the host name *.msg.dcn.yahoo.com and they all appear to come from the same few IP ranges. They are 216.136.x.x, 216.136.x.x and 246.155.x.x. Short of entering everyone of these IP's is there a way to either block everything from *.msg.dcn.yahoo.com or by the IP ranges. Thanks in advance.