Apparently the user can use just about any port he likes, so blocking the port number would'nt get you anywhere.
Maybe you could
1/ Only allow internet access through squid
2/ Block all relevant content types in squid.conf:
acl music url_regex -i .mp3 .avi .mpeg .mpe .mpg .qt
.ram .rm .wav .mov .wpl
http_access deny music
Not sure if this will work and it might be a problem if your users require direct access for ftp, ssh, etc, but I would be very interested if you get it working.
regards,
Michiel