While this is possible, it could prove unsuccessful (for this situation).
Allowing only good user-agents could prove problematic. For example, I have seen Flash player, or java, not include a user-agent at all. You will also have issues with transparent setups for SSL sites.
In addition to this, MWG Anti-Malware already does block known bad user-agents "funwebproducts".
Thanks for the replies. There would be certain instances that this could be problematic, we're just looking for all angles to block malicious traffic.