Encrypted pdf attachments get filtered out because amavisd cannot scan an encrytped file which makes sense.

What is the best way to get around this on a case by case basis?

Will adding the sender to a whitelist work?

Does it need to be in amavisd.conf.in or can the user do it himself in their Zimbra web portal?