Greetings bruno300,
I would start by creating a new policy group, add the user's email address to the new policy group, then disable spam scanning for that policy group. I have included below, links to documentation on how to do each of the steps listed.
Creating a policy group
http://www.symantec.com/docs/HOWTO53386
Adding members to a policy group
http://www.symantec.com/docs/HOWTO53840
Selecting spam and unwanted email policies for a policy group
http://www.symantec.com/docs/HOWTO53440