IP Firewall Address list FQDN resolution expiration

I don’t have anything with Tile architecture, but CHR 6.46.8 works exactly as I describe, and it’s the same as any other version I’ve seen. If yours keeps adding new addresses, but old ones (that the hostname no longer resolves to) are not removed, it’s a bug. Replacing expired addresses with current ones is desired behaviour, that’s the idea behind hostnames in an address list, to track current addresses.

But I do agree that a new option to keep expired addresses a little longer before removing them would be useful. It would make using a DNS-based whitelist less problematic than it is now (see this thread). It could be like this:

/ip firewall address-list add list=test address=ddns.example.net extra-ttl=30s

00:00 - ddns.example.net first resolves to 1.2.3.4 with TTL 60 seconds
00:00 - 1.2.3.4 is added to list
01:00 - 1.2.3.4 in address list expires
01:00 - ddns.example.net is resolved again and it’s now 2.3.4.5 with TTL 60 seconds
01:00 - 2.3.4.5 is added to list
01:00 - 1.2.3.4 stays in the list
01:30 - 1.2.3.4 is removed from list
02:00 - ddns.example.net is resolved again …
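
The timeline above as a small simulation, added here as an example and not part of the original post or of RouterOS. It models the extra-ttl option proposed in the post next to the current behaviour (grace period of 0); the class, function names and resolver data are hypothetical and constructed for illustration.

```python
class FqdnListEntry:
    """Models one hostname entry in an address list (simulation only)."""

    def __init__(self, resolver, extra_ttl=0):
        self.resolver = resolver    # callable(now) -> (set of IPs, TTL in seconds)
        self.extra_ttl = extra_ttl  # proposed grace period from the post, in seconds
        self.live = set()           # addresses in the most recent DNS answer
        self.expires = {}           # address -> time at which it leaves the list
        self.next_resolve = 0

    def advance(self, now):
        # Re-resolve every time the previous answer's TTL has run out.
        while self.next_resolve <= now:
            t = self.next_resolve
            addrs, ttl = self.resolver(t)
            for ip in self.live - addrs:
                # Dropped from DNS: start the grace period once, at this moment.
                self.expires[ip] = t + self.extra_ttl
            for ip in addrs:
                self.expires[ip] = t + ttl
            self.live = set(addrs)
            self.next_resolve = t + max(ttl, 1)  # guard against a zero TTL
        # Forget entries whose removal time has passed.
        self.expires = {ip: e for ip, e in self.expires.items() if e > now}

    def members(self, now):
        """Addresses in the list at time `now` (seconds, must not go backwards)."""
        self.advance(now)
        return sorted(self.expires)


def ddns_resolver(now):
    # Constructed sample data matching the timeline in the post.
    return ({"1.2.3.4"}, 60) if now < 60 else ({"2.3.4.5"}, 60)


if __name__ == "__main__":
    for label, grace in (("current behaviour", 0), ("extra-ttl=30s", 30)):
        entry = FqdnListEntry(ddns_resolver, extra_ttl=grace)
        for t in (0, 59, 60, 75, 90, 119):
            print(f"{label:18} t={t:3}s  {entry.members(t)}")
```

With a grace period of 0 the old address leaves the list at the same moment the new one arrives, which is the hard cut-over the proposal is meant to soften.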