We all have our fair share of email spam every day we are dealing with. If you ask me I do not see any improvement in the number of spam messages I receive, no matter what legislation is passed or what "cool" anti-spam technology hits the market. My mailbox receives the same amount of spam messages now for years. Once in awhile it goes up a bit, usually when spammers discover a new way to get around anti-spam techniques (e.g. PDF Spam), and a couple of months later it goes down, when the anti-spam vendors have caught up with that new way of distributing spam. As with malicious code we are always one step behind. When is this going to change? Technically it could have changed years ago when major email providers (e.g. Yahoo, AOL, etc.) tried to implement better authentication/security into email. Unfortunately that lost momentum quickly due to the number of mail servers. We are actually facing the same problem with the DNS system, too many DNS servers to change if a new technology arrives, addressing the DNS security problems we have seen lately.
Here is an interesting article on how spammers check if they have a valid email account: http://www.scmagazineus.com/Spammer-campaign-exploits-email-read-receipts/article/119130/
1SSA - Security consulting, training and products: http://www.1ssa.net