Much more information about Security Awareness Service whitelisting can be found in our manual:

Allowing the Delivery of Simulated Phishing Emails

Here you will also find all the information you need to set up whitelisting. 

Use the Email Security page on the left and then (again on the left) go to Settings under the Configuration category to configure lists that define trusted and known bad hosts and senders and a list of whitelisted URLs. For "Allow/Block Incoming" click the Add -> Add Allow button.

In the text box, enter the IP address from our documentation portal, check Force sender authentication and press Save.
To ensure this, there should now be a line on the page with "ALLOW", the IP addresses, the current date and "Enforced".

• Messages from the Allowed list will bypass anti-spam filtering.
• URLs in the whitelist are not rewritten if the ToC policy is configured to skip these URLs