It sounds like you just need to use different incoming mail policies per group of individuals you want to block/drop .rar and .zip and those which you don't want this to happen.
The fact that you want a specific group to be allowed receipt of these and everyone else should have these blocked I would recommend creating an additional incoming mail policy that does NOT have a content filter that performs this blocking. Add the appropriate users to this incoming mail policy. Then create a incoming content filter that does this dropping of .rar and .zip files and apply this to the Default Incoming Mail Policy.
The content filter in this situation would not need a condition, just a action of strip attachments by file info , filename contains .rar or .zip
Here is a useful regex for the content filter action: (?i)\.(zip|rar)
Hope this helps!
Steve