When it comes to spam, despite throwing everything we have at the monster, the problem just keeps getting bigger and nastier.
With ever-increasing volumes of spam, CIOs are finding it takes ever-more powerful servers, more bandwidth, more network resources, and more time and expense administering ever-more complicated email architectures.
Unfortunately, nearly all of today's anti-spam technologies require enterprises to not only scale to meet the spammer's volume, but also add the additional overhead needed for blacklists, whitelists, and content filters. More hardware, more bandwidth, more administrative overhead, and more reliability issues associated with the greater complexity ... these costs are only continuing to get worse.
Organizations should recognize both the strengths -- and the limitations -- of the various anti-spam technologies. By deploying a layered approach with technologies suited to the tasks, the run-away costs of spam can be held firmly in check. Many tried-and-true anti-spam approaches can still be quite effective (and cost effective) if you understand the capabilities and limitations, and deploy the technologies in a layered fashion that brings out the best in each.
The best solution for the near term is for organizations to deploy a cocktail of technical solutions targeted at each of the component pieces of the spam problem. You can think of it as something analogous to 'zone-based' defense in basketball: identify your areas of risk and task your most appropriate resources to protecting those zones.