Yes, that all makes sense. I don't have the MX addon, but since training started a few weeks ago my spamassassin is now catching 99.5% of the 2-300 spams I get per day.
I don't have the capability to see what domain(s) are or have been causing the problems, but if you keep getting blacklisted repeatedly I would suggest you request a change of server (and hence neighbours).
It's becoming more and more difficult with the advanced spam 'engines' that exist today, but I agree, the more proactive we become in locating and fixing these problems, the better. Much of the problem comes from people being caught off guard and tricked into giving their email passwords away - then the spammers just pretend to be you and send out a few emails at a time (to get round the sending rate limit that is in place). The only way to see that you're sending spam emails is by examining all the emails going out (through the CP email route option), or waiting till someone reports it as spam.
Another problem is keeping scripts and applications (like Wordpress) fully up to date, including all the addons and themes. I run several, but still have to log on regularly to check for successful updates.
I have multi-layered security in place, but still see regular automated attacks. It's really quite unnerving, and should any of these attacks be successful, the culprits can do pretty much what they like with your server!