Whitelisted IP addresses are no longer good protection from hackers and spam as the IP addresses can be spoofed. The best practice for email is to add SPF/DKIM records to security policies - is this something you are able to support as our users are increasingly having email from Aha denied.
Emails from Aha! products implement SPF records, DKIM signing, and DMARC records. These can be used by email servers to verify these messages.
We continue to provide the IP addresses and domains that we send emails from at https://www.aha.io/support/roadmaps/strategic-roadmaps/collaboration/improve-aha-email-reception for customers who wish to implement IP-based or domain-based allowlisting.