This isn’t just good against spam. If there’s a data breach on the site, it’s another layer of insulation against you and other accounts you own.
It’s close to the equivalent of Apple allowing you to sign up to services using one of their anonymous emails — there’s clearly demand for people to want to keep their emails from being thrown around everywhere.
Wouldn't someone be able to reverse engineer the pattern? I assume everyone is doing some variation of <service@domain.tld> so someone can try to figure out your other email addresses for other sites. Although I don't know if that's worth the time investment.
Right. The method has it’s own flaws, but it’s still another layer of insulation. Someone getting your email off a large user data breach is less likely to pick out your name and attempt to reverse engineer that pattern specifically for you, unless it is a targeted attack against you. For most people, that’s a highly unlikely scenario
For the catch all email setups yes. Not with the way apple does it. They have specific mappings setup so you have no way of finding other addresses of the user since every apple user is behind the same domain and the emails are long/random.
