I absolutely don't undrstand why you go into the cat-and-mouse game and try to outsmart users. IF the policy is to not use facebook or any other site, you should clearly communicate that these sites are offlimits.
If users deliberately bypass your network rules, tell them they are offending the rules and with another breaking the rules, cut them off completely from external resources.
If blacklisting isn't an option (because there are always more proxies than you can block), maybe using whitelists is an option?