What it takes to run Windows Live Messenger?
Running WLM (Windows Live Messenger behind proxy)
Ports and URLs needed to open behind a firewall to run Windows Live Messenger

What it takes to run Windows Live Messenger behind ForeFront TMG 2010 or any Firewall or Content Filter.

If you are running MS Forefront TMG 2010 and blocked the entire website other than exception then you may face users complaining that their Live Messenger doesn’t login even though you have allowed LIVE Messenger Ports in your web access policy.

So what is the fix for this?

There is a huge list URLS you have to add in the

Setup a new Domain Name Sets in TMG and add Live Messenger URLs to it

You can find the full list of URLs at this Microsoft link