That's what I do: I have a wildcard alias such as 202*. When I register on a site that I'm not comfortable sharing me real address with, I use something like 20230926facebook@domain.com.
This way, I know when I registered and I can check if such website sells my address once you receive spam on that address. Then you can just "turn it off" vial mail or spamassassin rules