The basic idea is fairly straightforward but to get it to work requires a bit of background understanding of how Ethernet networks function and the practicalities can be a bit fiddly to do.
In essence though imagine that you have a number of devices on your network, they all connect via wifi or cable to the hub and out to the internet, now imagine that one of them (and we don't know which one) gets infected with a bit of malware and starts sending out spam email. From the outside world's point of view, they can't see what device on your network is doing it all they can see is spam coming out of your internet connection, ie your WAN IP address. VM have a policy (and we can argue the rights and wrongs of doing this), that if this is detected then when your email client tries to connect to their network and send a perfectly legitimate message, VM checks to see if your address is on the 'naughty list', so to speak, and if so simply denies the connection. Most email clients can't tell what the actual reason for this is, all the know is that they can't connect and tend to just throw up a generic (and often confusing) 'password' error.
Now VM nor anyone else can say what device on your network is actually responsible, the onus is entirely on you to find it and eliminate it, if you simply ask for your address to be delisted without finding the culprit first then it will be a very short term fix as you will simply get listed again.
Here's a list of things which absolutely won't work;
Screaming at VM to 'just fix my email' - they won't! Threatening to sue - good luck with that one! Demanding that Spamhaus (the third party company which actually compile the list) remove you from it permanently - you will politely be told to 'do one' Threatening Spamhaus with legal action - it's been tried, got nowhere, see above
And things which will (eventually) work
Work out which of your devices is responsible, eliminate the cause and then request a de-listing Throw out every internet connected device you have into the nearest skip, purchase all new equipment and never install anything on them.
Option one is generally preferred!
So all we know is that something is sending traffic out to the internet on a specific 'port', this is SMTP traffic on port 25, the standard VM hub doesn't have any traffic logging features which some third-party routers do, if it did then it would be easy to have a look through the logs, see something like 'device with IP address 192.168.0.23, connected to <some mailserver address> on port 25'. You would then check which of your devices had an IP address on 192.168.0.23 and that would be the culprit. But since the hub can't do that, we need an alternative method.
Wireshark is an an immensely powerful piece of software for analyzing network traffic and telling you exactly where it has come from (the source address), where it is trying to get to (the destination address) and the type of traffic (the port number). So if you were to install this on a PC (there is a Mac version) and set it running, and leave it, if your PC happened to have the malware on it, you will see Wireshark logging outgoing traffic on port 25 and you woudl know that the PC has a problem. The issue is that Wireshark can only display traffic going through the device it is installed on, or more specifically the network interface (wifi, ethernet etc) that it has been told to monitor - it can't see what other devices are doing. So you could have it happily logging on your PC with no results at all and an Amazon Firestick (for example) right next door is spamming the entire world right under your nose. And the reason is that the Firestick is talking directly to the VM Hub and out to the internet, completely by-passing the PC doing the scanning!
So we need to set things up so that instead of your wifi devices connecting to the internet directly via the Hub, they connect instead to the PC and then out to the Hub, in this way Wireshark on the PC can monitor all the traffic coming from them and eventually see which one is responsible. It might take some time, the modern versions of the 'spambots' try to keep under cover, they stay dormant for a while, send out a couple of spam emails and then go back to sleep in an attempt to avoid detection. So you need to keep the logging running and catch them when they light up.
How this is done depends on the equipment you have but the basic principal is the same. Connect your Mac or PC to the internet and first use Wireshark to be be sure that it isn't actually this which is the issue. There is a test you can do using a telnet command to simulate sending out spam email (without actually sending any), if Wireshark picks this up then you know you have everything set up correctly.
The next step is to 'share' this internet connection and then disconnect all of your wifi devices from the VM Hub's wifi (in fact if you can turn off the Hub's wifi entirely) and connect them to your 'shared' connection instead. That way they all connect to the internet as normal but your PC and Mac is now in a position to analyze all the traffic from all of your devices, once Wireshark detects outgoing port 25 traffic, it will tell you the IP address of the offending device, you can then check which device was given that address and act accordingly. Once you have found the source of the spam you can disconnect and clean up the device (factory reset, uninstall any dodgy applications etc.) and put everything back to normal.
It's not actually as hard as it might sound once you have gotten your head around the underlying method and what it is you are trying to achieve and why.
If I understand correctly ... if everything is set up, Wireshark should see attempts to pass spam traffic through port 25 (from an active spambot), even though you're essentially blocked. It'll show up if it's "sending".