as far as I know it's not possible to restrict web access directly from Zimbra, while restricting outgoing emails is pretty easy by customizing Postfix's configuration:
[al commands must be ran as 'root']
1 - Create a file called "postfix_restricted_senders" in /opt/zimbra/conf/
2 - Populate the file using the following syntax (one entry per line):
3 - Use postmap to prepare the .db file that postfix will use:
4 - Insert the following Keys in "/opt/zimbra/conf/localconfig.xml"
5 - Insert the following lines in "/opt/zimbra/conf/zmmta.cf" in the "MTA" section just before the "RESTART mta" line [In Zimbra 8+ edit the zmconfigd.cf file instead]
6 - Create the /opt/zimbra/conf/postfix_local_domains file listing all your domains.
POSTCONF smtpd_restriction_classes LOCAL postfix_smtpd_restriction_classes
POSTCONF insider_only LOCAL postfix_insider_only
7- Postmap the file running:
8 - Finally, add the following line in "/opt/zimbra/conf/postfix_recipient_restrictions.cf" (after the "reject_non_fqdn_recipient" line)
9 - The MTA should restart itself after step 8, check your logs and restart it manually if it doesn't restart automatically.
To add new restricted senders edit the "/opt/zimbra/conf/postfix_restricted_senders" file and execute the command in step 3 to finalize the changes.
Remember that this procedure must be applied again after each Zimbra update (only need to repeat steps 4,5 and 6)
As usual, try this configuration on a test environment before applying it in production
Hope this helps,