If you rely on catchall, doesn't that make it more difficult to eliminate spam from breaches or bad actor companies/services? With aliases and no catchall, I just delete a one-time-use alias and all spam goes away. Can you do something similar even if you are using catchall?
With a catchall you can just setup a filter rule that auto-deletes mails to certain destination addresses and add more to the filter as they get compromised. Which doesn't even happen all that often in my experience.
instead of domain, use subdomain. You can use forwarding service like improvmx to filter out bad actors. Also, forward email to Gmail. Gmail will reject standard spam emails.