You are correct in that Smartfilter on HTTPs sites is trickier because we cannot see the URL. If you do not decrypt the HTTPS traffic, all Smartfilter has to use to filter sites is the destination ip address of the web server. Unfortunately web sites change ip addresses all the time and our categorizations may be incorrect.
If you are at version 8.x, you can decrypt and re-encrypt, but there are certain things you need to be aware of. I recommend that you take a look at the SSL Rules section of the 8.2.0 Product Guide.
If you happen to be using non-transparent mode (where the browser is setup to proxy to the firewall), the firewall _does_ have the URL to look at and therefore does not have to rely on ip address.
We are using 7.0.1.03.
I will go look at the 8.2 Product Guide.