False positive incidents for SMTP when an email containing a hyperlink to a file is detected as PII-SSN

Article ID: 231033


Products

Data Loss Prevention
Data Loss Prevention Endpoint Prevent

Issue/Introduction

SMTP false positive incidents are generated when an email containing a hyperlink to a file is detected as PII-SSN. The file name contains spaces, which are often URL-encoded as %20 in the hyperlink.
When a date follows the encoded space, as in %207-16-2021, DLP sees the resulting digits as an SSN and the email is blocked.

Environment

DLP - SMTP detection

Cause

The % character is never part of the detected content: detection treats it as punctuation, so it breaks the text into different "words" and the digits that follow it are evaluated on their own. This is due to the way detection handles punctuation.

Resolution

As a workaround, update the Custom DI policy and add a validator (Exclude prefix %). With this validator in place, %207-16-2021 is excluded from matching as a Social Security number. URL-encoding a space as %20 is somewhat common.
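
The Python sketch below is an added example, not DLP product code or part of the original article. It models the false positive and the effect of the prefix exclusion, so sample message bodies can be checked before the policy is changed. The 3-2-4 digit pattern, the scan() helper and the sample file name, link and email body are all assumptions constructed for illustration.

```python
import re
from urllib.parse import quote

# Assumption: a pattern-only SSN shape (3-2-4 digits, not inside a longer
# digit run). This approximates an SSN identifier; it is not the DLP engine.
SSN_SHAPE = re.compile(r"(?<!\d)\d{3}-\d{2}-\d{4}(?!\d)")

def scan(text, exclude_prefixes=()):
    """Return (hits, suppressed): SSN-shaped strings that still match, and
    those dropped because the text just before them ends with an excluded
    prefix (a simplified model of an 'Exclude prefix' validator)."""
    hits, suppressed = [], []
    for m in SSN_SHAPE.finditer(text):
        preceding = text[:m.start()]
        if exclude_prefixes and preceding.endswith(tuple(exclude_prefixes)):
            suppressed.append(m.group())
        else:
            hits.append(m.group())
    return hits, suppressed

# Constructed sample data: a file name with a space before a date, the
# hyperlink a mail client would generate for it, and an email body that
# also carries one genuine SSN-shaped value.
FILE_NAME = "Status 7-16-2021.pdf"
LINK = "https://files.example.com/reports/" + quote(FILE_NAME)
BODY = f"Report: {LINK}\nEmployee SSN on file: 123-45-6789\n"

if __name__ == "__main__":
    # Plain file name: the date is 1-2-4 digits, so nothing matches.
    print("file name     :", scan(FILE_NAME))
    # Encoded link: "%20" + "7-16-2021" yields the 3-2-4 run 207-16-2021.
    print("no validator  :", scan(BODY))
    # Excluding the "%" prefix drops the link match and keeps the other.
    print("exclude '%'   :", scan(BODY, exclude_prefixes=("%",)))
```
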