spamassassin-users January 2011 archive
Main Archive Page > Month Archives  > spamassassin-users archives
spamassassin-users: Re: DNS cache efficiency for low-TTL records

Re: DNS cache efficiency for low-TTL records (was Re: IPv6 DNSBL/WL design, was Fwd: [Asrg] draft-levine-iprangepub-01)

From: David F. Skoll <dfs_at_nospam>
Date: Tue Jan 04 2011 - 20:24:09 GMT

Following up on myself...

> I ran a little experiment.

Just for fun, I took a day's worth of logs from a fairly busy server.
There were just over 3.1 million SMTP connections/day. If they'd been
using a DNSBL with a 15-minute TTL, they would have had about 1.13 million
cache misses and 1.97 million cache hits. Turning off caching completely
would increase the load on the authoritative server by a factor of about

This is (to me) surprising. It means you could probably build
a DNSBL/WL that permits queries for every single lookup to go to the
authoritative servers without terrible difficulty. Scaling up an DNSBL
10x or 100x would be hard, but 3x? Should be doable.

(Spamhaus could greatly lower the load on its servers by using much
bigger TTLs, especially for lists that don't change often like the PBL.
But as another posted mentioned, sometimes DNSBL owners want to see
the queries, particularly if they want to charge high-volume users. :>)