Thanks for the answer!
Our pleasure. We've not seen a case where its the rule, per se, because the logic is so simple but we have seen cases where either local or upstream DNS issues caching records longer than they should, but honestly thats rare - most of the time its just that spamhaus' data is usually nice and dynamic so by the time you go back and look its usually changed to reflect the current state of that IP (safe). Of course, the question in this case is did that happen?
No, I am not a customer yet, but I'm gonne be soon I think!
(first I will configure my server with the delayed rules, my goal is to be sure my JOOMLA services are really secured... Does the realtime protection offers special protection for this?)
They do. The realtime rules contain additional security rules, performance enhancements and bug fixes, as well as Just In Time Patches for applications, including Joomla, and Positive Security rules for popular web applications including Joomla.