Well worth doing
Been doing that for years, it's interesting to see which firms have been hacked when the spam starts arriving at their assigned email address :-)
One point - this approach requires catch-all email forwarding on the server, which some suppliers don't like to provide.
It also means that you then get all the cr4p sent to randomly generated addresses at your domain - any that turn up more than once I forward to a junk folder.
Biting the hand that feeds IT
