> It’s almost universally true.
It’s not. I give a unique email address to every service I register with, which means I can see who is leaking my email address. Very few of them leak my email address at all, and those that do tend to do so involuntarily through data breaches.
The other main factors in spam are the sleazeballs at Apollo, ZoomInfo, et al., services that use my email address internally for more than I consented (if I use my email address to register for a service, this does not permit that service to add me to their product mailing list), and the spammers who guess email addresses based on LinkedIn info (e.g. name + company domain).
The number of services who appear to take an email address I have given them and sell it appear to be extremely rare.
If you dont mind, What kind of unique email address do you use and how do you manage all the aliases?
There’s no real management involved. I set up a wildcard MX record for *.example.com and hand out jim@<some-id>.example.com whenever anything needs my email address. I don’t need to specifically set up an alias. If spam comes in, I look at the To address to determine where they obtained my email address. Fastmail can be configured this way, for instance.
Most mail providers also support plus addresses or wildcard local parts, so you can do jim+<some-id>@example.com or just <some-id>@example.com. Gmail supports plus addresses, for instance. The downside is that some services reject pluses and some spammers strip out the IDs.
I do the same, and seem to have a much higher hit rate (or a much lower acceptable baseline!)