I am using Mac OS X 10.8.5 with Server 2.2.2, but I think the same will probably apply in Mavericks. I have in the past been trying these same commands but they were not always reliable in passing on the settings to the greylisting system. So, I found out where they write by analyzing /usr/libexec/postfix/greylist.pl and now maintain these by by hand. The unexpected thing is that this is not maintained in the Config directory tree but in the Data directory tree of Mail.
Go to the directory /Library/Server/Mail/Data/gldb
(gldb = greylisting database). Here, the greylisting script maintains the database of sending systems that have past the greylisting trick. Here I have added info to two files:
whitelist_domain
and
whitelist_host
These are static data files that are read by the greylisting script.
For instance, if you want to whitelist all servers from facebook.com (because their myriad of file servers defeats the greylisting assumptions) you add a line to whitelist_domain that says facebook.com and one that says facebookmail.com. The domains to add, you can find by analyzing mail.log and look for the greylisting 'error' messages.
Some obvious entries are:
amazon.com
facebook.com
facebookmail.com
messagelabs.com