As spam began evolving from a mere annoyance to a serious corporate IT concern several years ago, literally hundreds of new vendors emerged to capitalize on the business of blocking unwanted e-mail.

As promising as those start-ups seemed then, some of the most promising have been gobbled up by giant public vendors wanting to add e-mail security to their portfolio. Just as these small companies are becoming divisions of large networking giants, the task of blocking e-mail threats is being assimilated into other networking products, and experts and customers say that’s for the best.

Cisco’s plan to acquire IronPort, announced last week, is the latest example of a public network vendor buying a smaller, private company focused on blocking e-mail and Web-based threats. While the greater IT security industry is going through bouts of consolidation, the e-mail security market is particularly interesting, because these once-hungry start-ups that once touted themselves as the successful public companies of the future are disappearing into divisions of other companies.

“If anyone was going to IPO, it was going to be IronPort,” says Paul Stamp [stet], senior analyst of security at Forrester Research, adding he was somewhat surprised by the Cisco announcement.

IronPort executives often talked about leading the antispam market and building a large, profitable company. “E-mail is broken, and we're going to fix it," was the self-assigned task IronPort CEO Scott Weiss gave his company in 2004. “It’s our ball to fumble.”

A common concern when large companies snap up smaller ones in any given industry is that innovation will stall, because big vendors move more slowly than start-ups and may be less willing to take risks on developing new technology. Yet the fact that there are very few public antispam vendors could reflect the fact that spam blocking is better off as a feature, not a product.