I've done the same thing for years (yikes-- 20 as of last year-- I'm old!), albeit sometimes I use an opaque identifier for the username portion (because some sites treat addresses with their own domain name in then funnily and I've had humans question it). As a bonus I've identified and reported two previously unknown data breaches by reporting the date I started receiving spam to a one-off address.