I'm missing what purpose the high entropy alias does; from your description the attacker knows the email address and can still sign you up for mail flood?
I'm missing what purpose the high entropy alias does; from your description the attacker knows the email address and can still sign you up for mail flood?
I think the idea is your mail server is set to only accept emails to account names you’ve generated instead of being a catch all. So if one of the ones you generated is used for spam, you could just deactivate that one and move the service that email was associated with to a new generated email. and because there’s no catch all, an attacker can’t just sign up literallyanythingrandom@example.com with dozens or hundreds of different emails.