Restrict ICAP scanning based on source IP address or group