And still the spam comes...

Tech vendors have made headway in the war on spam, yet spammers are returning volley with sheer numbers. Perhaps it's time for more drastic measures? These are the rumblings from InfoWorld Test Center analysts, who reviewed anti-spam email appliances and released their findings last week.

"The biggest reason we're not winning the war on spam has little to do with the anti-spam vendors," says Logan Harbaugh, a Test Center analyst. "It's more about the ever-increasing volume of spam."

Anti-spam email appliances work anonymously on the frontlines of IT security, blocking millions of pieces of spam (or unwanted e-mail) every day. Because spam is often the vehicle used to deliver malware, viruses, and other nasty stuff, anti-spam is considered one of the most important defences in IT security.

And anti-spam vendors are doing a decent job: According to the Test Center, email appliances today catch an average of 96.1 percent of spam, up from 95 percent two years ago.

While a single percentage-point gain might not seem like a great achievement, catching spam is more difficult than you might think. "Anti-spam is like an arms race," says Doug Dineley, who heads up the Test Center. "Spammers buy filters and test them to find weak spots. Then filter vendors plug the holes with new rules."

But vendor advancements pale in comparison to the swelling ranks of spammers. A Symantec report released this month shows that spam is on the rise. In March, more than 80 percent of all email was spam, up from 78.5 percent in January and February. Overall, spam volume is up 20 percent compared to last year. The report also warns of a popular spammer trick called backscattering, which is the practice of bouncing e-mails around the globe until they're received.

As overall email volume rises, so does the amount of spam. In order to keep up with these increases, as well as the latest spam tactics, companies must upgrade their anti-spam solutions every year, thus taxing IT resources and budgets. "Spam has become an operations problem, not a technology one," says Chenxi Wang, an analyst at Forrester Research.

To wit, the Test Center reviewed email appliances on five fronts, including four "operational" ones: manageability, scalability, ease of setup, value for the money, and effectiveness at catching spam.

So far, there have been two significant battlefields in the war on spam. The first is the content of the email message itself, followed by the IP address of the system that sent it.

With messages, email appliances analyse message content for spam characteristics, such as misspelled words, weird patterns, and popular spam terms, such as "Viagra." Each message is then rated on a scorecard that determines whether or not the message will make it to the inbox. While this heuristic approach for ferreting out spam is still used today, anti-spam vendors have taken the battle a step further.

Only a few years ago, vendors added sender-reputation services to their arsenal - that is, analysing the message's origins, building databases of good and bad IP addresses, blocking all messages from IP addresses of known spammers, and limiting the number of connections or messages per minute from suspicious senders.