I'd set a policy of DROP - and then only open what you want.
I think that might have been the intention of:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE # every request should go through the iptables
iptables -P INPUT DROP
iptables -P FORWARD DROP
iptables -P OUTPUT DROP
# then put your mac-specific rules - they seem to be o.k.
# you can also use -A instead of -I if you put them first
# in the mac you need to use colons instead of the minus sign, e.g.: 00:15:B7:33:6A:57
#iptables -I INPUT -m mac --mac-source 00:15:B7:33:6A:57 -j DROP # Actual...final statement for dropping specific mac address
iptables -I INPUT -m mac --mac-source 00:16:6F:50:64:5B -j ACCEPT # sample machine MAC address
# then the other rules...for port 25, 110, 1863 and so on
I'm not sure if your rules for squid are o.k. - this is not to worry you but to say that I just don't know.
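
The default-DROP layout with a MAC allowlist described in the reply above, as an added example that is not part of the original post: the script only prints the iptables commands, it does not run them. The function names `normalize_mac` and `emit_ruleset` are hypothetical, and the loopback and conntrack rules are assumptions added so that an OUTPUT policy of DROP still lets replies leave the box.

```shell
#!/bin/sh
# Added example (not from the original post). Prints a ruleset for review;
# nothing is applied. MAC values below are the ones quoted in the post.

# normalize_mac: accept 00-15-B7-33-6A-57 or 00:15:b7:33:6a:57 and print the
# colon-separated form that --mac-source expects. Returns 1 on invalid input.
normalize_mac() {
    mac=$(printf '%s' "$1" | tr 'abcdef-' 'ABCDEF:')
    case "$mac" in
        [0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F]:[0-9A-F][0-9A-F])
            printf '%s\n' "$mac" ;;
        *)
            return 1 ;;
    esac
}

# emit_ruleset MAC...: default-deny policies first, then the allowlist.
emit_ruleset() {
    for chain in INPUT FORWARD OUTPUT; do
        printf 'iptables -P %s DROP\n' "$chain"
    done
    # Assumption: with OUTPUT set to DROP, loopback and reply traffic need
    # explicit ACCEPT rules or the host cannot answer the allowed clients.
    printf 'iptables -A INPUT -i lo -j ACCEPT\n'
    printf 'iptables -A OUTPUT -o lo -j ACCEPT\n'
    printf 'iptables -A OUTPUT -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT\n'
    # The mac match is valid in INPUT, FORWARD and PREROUTING only; traffic
    # routed through the box traverses FORWARD, not INPUT.
    for raw in "$@"; do
        if mac=$(normalize_mac "$raw"); then
            printf 'iptables -A INPUT -m mac --mac-source %s -j ACCEPT\n' "$mac"
        else
            printf '# skipped invalid MAC: %s\n' "$raw"
        fi
    done
}

# Sample run: one MAC written with minus signs, one invalid entry.
emit_ruleset 00-16-6F-50-64-5B not-a-mac
```

Review the printed commands before applying them from a console session, since the DROP policies take effect immediately and can cut off a remote login.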