Each future POP authentication will update the expire time of the open-smtp entry and rebuild the CDB file again.I don't believe it actually rebuilds the CDB file here, but it does update the open-smtp file with the new timestamp for the expiry. In any case, any change to the IP list and it updates the CDB file.
So for every pop authentication you have a CDB rebuild, versus a CDB read.And adjust list line per above.
CDB is great for mail, because it needs to be updated only when an account is added or password is changed. It's made for reading, and a lot of reading, as well as updating without causing issues. Fast lookups. As that database gets big and filled with IPs, rebuilding it can begin to slow down.