If most of this content is coming from 'generally reputable' ISP's you probably want to look towards turning your content based scanning vs. connection based scanning. One example, is ensuring you have recipient validation turned on, and you may want to try enabling the new probe participation features. Another possibility is to lower your suspected spam threshold.
If the spam you are receiving is targetting your environment specifically, you may want to consider looking for common patterns and leveraging content filtering policies to help combat the problem.
Please let us know if you have success with any of these.