Abe,
That is a good question, the script isn't really as intensive as one would think, I'm using it on about 50+ users and I don't notice any type of problems. I wouldn't say it's resource intensive as all. It's simply tailing the /var/log/secure and watching for connections, then adding them to the smtpd_check_rules file. I guess the only thing that would be intensive is if there was a massive flood of unique POP requests, then File IO would increase to handle each individual IP, but as far as processor utilization, this should always be minimal.
As far as a console save destroying the pop-before-smtp:
Because the script is installed in it's own directory, and is called from rc.local (a non-templated file), you shouldn't have any issues with making system changes and losing the pop-before-smtp configuration.
Hope this answered your question,
Nathan Fowler
evilghost@stickit.nu