We get a fair amount of requests to block Skype and this article aims to explain why this feat is no easy task, and the options that you have with our services.
Due to the nature of the application, Skype services can not be prevented from working simply by blocking certain domains. Skype uses an aggressive and adaptive networking technology specifically designed to reach the internet. They use a very large range of IP addresses as well as a revolving list of domains in order to connect to their main service, which are all subject to change without notice.
Skype's initial outbound connection can use any dynamic combination of TCP and UDP ports, including outbound ports 80 and 443. The protocol is proprietary but since it works on the same port as normal SSL/HTTPS traffic, it renders traditional port blocking filters ineffective. Skype does not use a traditional client/server topology. Users on the Skype network are acting as both users and servers in their distributed methodology. Another hurdle to consider is the fact that there are technical differences between the Skype application, the online client and Skype for Business.
Blocking Skype with OpenDNS
Blocking specific Skype domains may result in lost of functionality or inability to download the application from Skype.com, but the service itself will connect and continue to run if already downloaded to that device.
Although your options are quite limited, you have two choices to attempt to block DNS traffic to Skype.
skype.comdomain (please note that this only blocks the skype.com domain and not VOIP traffic).
Enable content filtering using the "Chat" category in your security settings.
These methods may not have a 100% success rate. If you wish to block the connection via the Skype calling application, please contact Skype support at http://support.skype.com for assistance.