From my understanding Trillian is not using HTTP and thus is not involved with Squid?
This said, if you do have users who use some of the chat networks HTTP tunnel mode then the most effective is to watch your access.log file for their requests and then block the servers they try to access. You should quickly find a pattern there.
Regards Henrik
