After email address with invalid format is added to Allowed Senders list, Symantec Mail Security for Microsoft Exchange (SMSMSE) will bypass SPA scanning on every inbound email.
Collecting Debug logs for "Transport Scanning issues" will show the following line within the logs:
SMSMSESMTPAgent: Message whitelisted by SMSMSE; bypassing SPA.
This line is expected when a valid whitelist match is made against an email sender. However, if the list has invalid entries this line can be present for undefined senders.
See: How to Obtain Debug Logs for Symantec Mail Security for Microsoft Exchange (SMSMSE) - For information on debug logging.
Remove the invalid email addresses records from the Allowed Senders list and re-add them back in the correct format.
The following are valid formats:
SMSMSE all versions.