Alright. Some background. We have an anti-spam cluster trucking about 2-3 million emails per day, blocking somewhere in the range of 99% of spam email from our end users.

The underlying SMTP server is Postfix 2.2.10. The "Frontline defense" before mail gets carted off to SpamAssassin/ClamAV/ ect ect, is attached below.

...basic config....    
smtpd_recipient_restrictions =
            reject_unauth_destination,
            reject_rbl_client b.barracudacentral.org,
            reject_rbl_client cbl.abuseat.org,
            reject_rbl_client bl.mailspike.net,
            check_policy_service unix:postgrey/socket
...more basic config....

As you can see, standard RBL services from various companies, as well as a Postgrey service.

The problem is, I have one client (out of thousands) who is very upset that we blocked an important email of theirs. It was sent through a russian freemailer who was currently blocked in two of our three RBL servers. I explained the situation to them, however they are insisting we do not block any of their emails.

So i need a method of whitelisting ANY email that comes to domain.com, however i need it to take place before any of the recipient restrictions, they want no RBL or postgrey blocking at all.

I've done a bit of research myself, http://www.howtoforge.com/how-to-whitelist-hosts-ip-addresses-in-postfix seemed to be a good guide at first, almost fixing my problem, But i want it to accept based on TO address, not originating server.