OK we tried one week of TTLs at 15 minutes (after a week at 25 then 20 minutes) and the DNS traffic levels don't seem much higher because of it:
http://nmrl.kconline.com/rbldnsd/
The measurement is perhaps slightly complicated by the fact that people may be moving over to multi.surbl.org with SpamAssassin 3.0, but looking at the relatively unchanging lists, the shorter TTL change seems to have not had much effect on traffic or only increased it slightly. (Note how traffic on multi is growing while the others (presumably using SA 2.63 and 2.64 or urirhsbl with SA 3.0) essentially aren't.)
We already know the traffic is significantly higher at 10 minute TTLs, from the sc.surbl.org setting before (in the first week on the sc graph), so 15 minutes is probably optimal in terms of quickest additions and deletions from the list while also minimizing DNS traffic.
So I'd like to propose that we stick with 15 minute TTLs for all SURBLs.
Any comments?
Are we on the right track with this?
Jeff C.