what is the zimbra way of adding a whitelist to the postfix mta server?
I've added a few mtarestrictions and rbl_clients. I haven't seen it yet but I wouldn't be suprised to get false positives.
If this happens, I'd like to be prepared to fix zimbra.

On a regular postfix install, you add check_sender_access hash:/etc/postfix/whitelist

then you list the domains in the whitelist file, for example:
domain1.com OK
domain2.com OK

The check_sender_access is added to the smtpd_recipient_restrictions parameter.