Ive added a rule to ban http://windowsupdate.microsoft.com, yet in the

proxy logs I can see requests getting through to the site.
The request type is HEAD http://windowsupdate.microsoft.com/ident.cab
and it gets a response 200.
I am using BM3.7 FP3B, last month the usage was 500% more than it is usually yet nothing that ive used (webspy, brdstats) shows this
Ive now added a DNS entry to the loopback address but would like to
why the rules are not stopping it.