I've been using this trick for a while (usually 'firstlast+per_service_identifier') and I've encountered more than a few systems which erroneously claim that any email address containing a '+' is invalid.
I had an account on some site and didn't use it for years. When I go back and try to login they demand I reset my password and verify my email. Sure, no problem. Thing is I used a foo+bar@ email and they had a little sanitizing script running that removed it when submitting the form. Rewriting their spaghetti and getting the form to submit successfully was fun. I was very surprised it worked. Guess they weren't sanitizing on the backend.
I have used it all the time over a dozen years, both for site-specific email addresses and also for having lots of handy test email addresses in my personal app development. Often I just wish I had been more disciplined about using it even more for site-specific addresses, but fortunately more websites about friendly about unsubscribing these days.
You could encode the service_identifier in a pattern of dots around the letters of firstlast for cases where the '+' is not allowed. But that's probably hard to do in a way that's easy to encode on the fly, unless you already know morse or something similar.
For selfhosting, there's `recipient_delimiter = +-.` in postfix' config. [0]
The most infuriating ones are those where you can subscribe with the '+', but the unsubscribe function errors on it.
[0] https://try.popho.be/email.html