In order to understand which list caused the delivery failure, you would need to know what IPs were blocked when trying to connect to the Messaging Gateway. No other information exists about the messages exist since the transaction was blocked at connection time.

To know the IP, you will need to talk with the sender. They should be aware of their own sending IPs, or be able to find it with their own auditing tools, such as Non-Delivery Reports.

Once you have the IP, you can search the Message Audit Logs for the "Mandatory Filter" of "Connection IP" or "Logical IP"

The Message Audit Logs will let you know what feature acted on the messages, so you know what adjustments need to be made.

Local Bad Sender IPs: You would want to remove the IP or IP Block from the list.

Global Bad Sender IPs: You or the sender can request removal from the list. Information on this step is in the following article:
Request removal of an IP address from Symantec's IP-based block lists

Third Party Bad Senders: You can disable this feature, remove the Third Party DNS Blocklist servers, or request the IP be removed from the Third Party DNS Blocklist. Determining which servers might be the cause, or how to remove an IP from the service is outside the scope of Messaging Gateway support.

Note regarding the Third Party Good and Bad Senders lists, configuration problems in these lists will affect the overall Messaging Gateway performance since they require connecting to a Third party DNS service to retrieve the associated verdict, it is important that these lists are configured and maintained properly. Third Party Good Sender services are rare and would most likely only be available as a local DNS service, so this list should generally be empty in most environments.