What do you mean you can just make them up as you go along?
Suppose I have two users in my domain: bob@mydomain, alice@mydomain.
How can alice just make up a new @mydomain address which goes to alice@mydomain? Okay, that part is simple: we can have an entire space of these generated by a rule, like gmail's addr+whatever@gmail.com.
But then how does alice invalidate such an address that is misused?
I want it so that any address that is not valid generates an SMTP bounce; I don't want an infinite space of aliases that map to an address to all be considered valid, but a specific set, controlled by the user. When an element is removed from that set, then further attempts to send to it generate SMTP bounces.
Furthermore, I want it to be completely anonymized, just like Throttle are doing, as in:
<random-chars>@mydomain -> alice@mydomain
The text "alice" doesn't appear in the plaintext anywhere, and cannot be reversed out of the local part.
EDIT:
To solve one of these problems, what we can do is assign to each user some random identifier of fixed length, from which further addresses can be generated. For instance alice@mydomain also gets "xZa3f@mydomain" when the account is created. To this local part, arbitrary characters can be appended: "xZa3f4abPspamming.dickheads.com@mydomain" such that this still routes to alice@mydomain. Doesn't handle the SMTP-level invalidation requirement though.
