Here’s a method of using Safe and block group lists for groups of users.

First create your Safe, Block and regular user groups.

Now create an Antispam profile for the Blocklist match, it will have a default action of Quarantine, Reject or Discard. No Scans are necessary but make sure “Apply default action without scan upon policy match” is enabled.

Now do the same for the Safe list match:

For the above create an action profile that delivers to the original host:

Now you can create a recipient policy for your e-mail groups. Sender type will be your Safe or Block list group. Recipient pattern will be your internal group. Move this policy above the catch all for it to take effect when