Apple's iMessage product uses an additional port aside from 80 and 443, so iMessage traffic sent through the Web Security Service cannot properly deliver.
Port 5223 is used by iMessage to deliver push messages. Because this port is not included in the cloud service routing, iMessage traffic is dropped.
To allow iMessage to function, the entire subnet used by Apple for its various products must be bypassed.
NOTE: This also allows access to FaceTime, iCloud, iTunes, and all other Apple products, as they share the subnet and interchange IP addresses regularly.
Add the subnet 17.0.0.0/8 to the bypass list either in the ThreatPulse portal or on your Firewall device depending on the Access Method you are using.