Why would Spamhaus continue to add an IP to the CSS when that IP hasn't sent email recently?
Solution 1:
Warning ahead for people experiencing similar issues: NEVER just request unblocking at any spam block list before you figure out what's going on. Those spam blocklist are almost always clever enough to not randomly block you. They may even tell you that additional unblock requests will incur a fee or not be possible at all if you unblock and then get listed again.
There are a number of rules about the CSS blocklist that are not published - intentionally - they do not want the spammers to avoid getting blocked by working around the rules.
One thing that is well known and published is however, that the list contains at least /64 blocks for IPv6. That means, they never block single /128 addresses, they always hit a full block at once. That, in turn, means that spam being sent by people in the same /64 block as you is getting you blocked as well.
If it was listing smaller blocks, the list would be
- tremendously large (imagine the number of possible ipv6 addresses to keep track of) and
- very easily circumvented by spammers (they could just use a fresh IP every time they were blocked).
The choice of using /64 blocks is roughly tracking what is common in the industry nowadays - one /64 usually is one customer. That equation was far from always the case 5 years ago - but afaik is the industry standard by now.
For a more detailed and weighed discussion of that decision, there is a lengthy statement about it on the spamhaus site: the "Spamhaus IPv6 Blocklists Strategy Statement"
Possible solutions for your case:
a) Ask your hosting provider
Your hosting provider may or may not effortlessly offer to assign you a larger (at least /64) block (Linode FAQs mention adding IPs), as the assignment of your (smaller) block might very well have historic reasons only - the (so far, still only rough) consensus on using /64 per customer is only 2 years old and before that, many hosting providers just assigned whatever they deemed appropriate - with wildly differing outcomes. My experience: many hosting providers offered that change of prefix size to me without me even asking (couple years ago).
b) Change your hosting provider
If your hosting provider is unable to follow industry standards - and additionally unable to justify doing so (I don't assume there is a good explanation, IPv6 address space is not exactly scarce), question their motives. If the hosting provider intentionally assigns small IPv6 blocks - e.g. to make sure that legitimate and spam mail gets mixed up (that is what the Spamhaus folks are concerned with when they use terms like "snowshoe operations") - it's time to run.