If the website is breached, the login isn’t a login for any other website, and advertisers have a harder time correlating your identity, and if you get spam you know who is the culprit, and you can stop the spam by deleting the alias.
With this, no need for any other antispam logic. Back to the mid 90s (which is a good thing as far as email traffic is concerned!).
I always do this as well. I knew for months before they announced it that Dropbox had been breached. Yes, they waited so long to announce that the thieves had started using the emails for spam.
If the website is breached, the login isn’t a login for any other website, and advertisers have a harder time correlating your identity, and if you get spam you know who is the culprit, and you can stop the spam by deleting the alias.
With this, no need for any other antispam logic. Back to the mid 90s (which is a good thing as far as email traffic is concerned!).