On Tue, 2011-10-18 at 21:55 -0400, David F. Skoll wrote:
> On Wed, 19 Oct 2011 03:12:34 +0200, Karsten Bräckelmann wrote:
>
> > > That's true, though caching is much less effective than you may
> > > suppose. In real-life measurements on real mail servers, I found a
> > > very low cache hit rate for common DNS{B,W}Ls, on the order of only
> > > 25-50% hits.
>
> > As in cache hits? That's quite substantial.
>
> I didn't think so. It means that between 50-75% of DNS lookups must
> go all the way to the authoritative name server.

With more than 90% spam of the mail volume (according to almost any
published stats), even 25% cache hits mean that caching does not only
work for ham, but spam, too.

Anyway, it means that the volume of messages before hitting the free
usage limit is 25-50% higher than the commonly perceived and frequently
incorrectly claimed limit (where one message does equal one query for IP
based lists). These numbers tell differently -- up to half the query
limit in addition in terms of mail.

> > Also, is this overall, somehow a mix of both black and white-lists, as
> > well as different types (IP vs URI)?
>
> My measurements were against IP blacklists.
>
> > Given the very different TTL for different types of lists, I suspect
> > actual cache hit rates vary a lot.
>
> Not without pretty high TTLs, in our experience. And DNSBL operators

I was talking about different *types*. As in IP vs URI. Where TTLs do
vary a lot -- 3 minutes for SURBL, 12 hours for DNSWL.

> have two motivations for having relatively low TTLs: One is to make
> sure the data is fresh, and two is to detect high-volume users so they
> can be billed.

-- 
char *t="\10pse\0r\0dtu\0.@ghno\x4e\xc8\x79\xf4\xab\x51\x8a\x10\xf4\xf4\xc4";
main(){ char h,m=h=*t++,*x=t+2*h,c,i,l=*x,s=0; for (i=0;i<l;i++){ i%8? c<<=1:
(c=*++x); c&128 && (s+=h); if (!(h>>=1)||!t[s+h]){ putchar(t[s]);h=m;s=0; }}}