One way security vendors can identify unsolicited email is through the use of what is known as "spam traps," which are fake email addresses and sites used to lure spammers. The better snowshoe spam outfits do "list washing," meaning they actively try to scrub complainants (including spamtraps) from their email databases, Schultz said.
Cisco is able to identify the snowshoe spam via a full-spectrum approach, Schultz said. "We not only look at the volume and the relative number of complaints coming in from our sensor network, but we also analyze relationships between the various domain registrants, domains and IP addresses used in the snowshoe spam attacks," he said.
McAfee's technology also leverages multiple factors and inputs to help identify snowshoe spam, Wosotowsky said. "McAfee has automated classifiers in GTI [global threat intelligence] as well as sophisticated domain identification rules to react quickly to outbreaks," Wosotowsky said. "We also have manual research tasks to look for missed snowshoe campaigns and are working on more and more aggressive rules."
Modern anti-spam technologies can be effective at catching most forms of spam, though Symantec's Narang noted that fundamentally, it's a numbers game. "To the end-user, the effectiveness of an anti-spam solution is determined by the number of spam messages the end-user gets in their inbox," he said. "With anti-spam products at 98 percent effectiveness, the end-user receives 1 out of 50 spam messages sent."
If anti-spam effectiveness goes up to 99 percent, the spammer would simply respond by sending more spam, Narang said. If the end user receives one spam message out of 100 sent, there has been no difference for this particular user, despite the improvements made in the anti-spam solution.
Though technologies continue to improve, the battle against spam is still not over, the researchers said.
"When one miss has the potential to do a lot of damage, we cannot keep our guard down just because we filter 99.9 percent," Narang said.
For Wosotowsky, the battle against spam is still far from over because of the simple fact that there is still money to be made by the spammers.
"Bypassing filters is a big money-making effort for snowshoe advertisers, and as long as you’re facing off against intelligent adversaries who have a financial incentive to keep trying until they get through, they will keep coming up with advances in spam warfare techniques," Wosotowsky said.
Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.