If you provide a service on your system, then there are almost always complications that arise from its interaction with your user community and the outside world. Often much of the effort required to maintain a service is not involved in managing the software and its configuration, but in managing its interaction with its users and the rest of the Internet.
Once upon a time, it was really pretty easy to run a mail server. You installed and configured your mail server software, and most of the time it just ran itself. Occasionally you'd have to break a mail loop, or answer some postmaster mail from someone looking for a wayward user, but your users could send their mail and receive their mail and everyone was pretty happy.
Spam (in the form of unwanted mass mailings) was not unknown, but it was rare. It became a more common problem in the mid-90s as access to email and the Internet became more widespread, and has grown steadily in severity ever since.
Today it's almost impossible to run a mail system without dealing with spam issues continually -- by some estimates spam is now over 90% of all mail volume, and anyone who uses email at all sees spam. People whose email addresses have become widely known to the spammers may get far more spam than wanted mail.
As a sysadmin, you're stuck trying to use technical measures to mitigate what is ultimately a social problem -- and as a result there's no real way to win.