A small company has web site hosted at (x-company) and static IP from an ISP company, and web hosting company give them email services too. unfortunately a user got a virus and his PC became spammer so he could not send email anymore. I cleaned the PC and recreated outlook data file (PST) and seems he is okay now and can send and receive emails but the wan IP and DG are still black listed on two databases. at this time I want to know besides implementing firewall and antivirus for the company.
who is responsible to remove the IPs from black list?
what else I could do to minimize the incident to be repeated?