As part of an ongoing cleanup, We have a large amount of IP Addresses in Content Filtering->URL Blocking->Blocked URL Patterns. Question is, does having IP addresses do anything at all there? From the description it seems that this section works on a DNS type situation.
Seems like it would be a Layer 3 incoming rule to block, but I can't have those. So layer 3 outgoing rule?
The blocked URL patterns field needs to be formatted according to the description in this document. Since the MX is a stateful firewall, inbound traffic will be blocked unless it is return traffic for an existing flow. I would move those IP addresses into layer 3 outbound firewall rules. That should accomplish your goal.