Do you have the system automated? Meaning: if I send email right now to {somerandomstring}@{yourname}.{yourdomain} does it get automatically rejected, or flagged? And if yes, how do you add {myname} to your whitelist?
I'm not GP but use a similar system. I just set up a global forwarding rule for the domain using forwardemail.net. The default is to let it through. If I get a spam message I'll check the "to" field in gmail and can quickly see who it was that sold it or leaked it. Can also create a rule in gmail to send to trash or can even add a forwarding rule for that inbox if needed in forwardemail
I have fastmail configured to accept *@{my name}.{my domain} and then I have a rule for each blocked sender. So it's it opposite of the logic that you want: I'll receive they mail until I explicitly block you.
This is still not implicit block like you're after, but when I looked through the settings to see how I had it configured I discovered this integration with 1password: https://1password.com/fastmail/
At least from the promo video that seems very much like Apple's "supply a unique email" feature. Which is better than nothing, but waaaaay less feature-ful and much more manual than my ideal setup.
For my hosted E-Mail I've configured one inbox as "catch all unknown". This allows me to "generate" e-mail addresses on the fly without any configuration (at least receiving). Once one of the addresses / aliases was burnt for some reason I could make a separate postbox of it with all blocking rules and dead end for spam. This is a quite comfortable way for me, although the emails are not flagged in any way. They will come through in any case and I postponed the the work to any malicious event.
This is basically what I do. {tag}-{signature}@{domain}.
The upside is that it is easy to generate new addresses, I don't need to talk to my mailserver. The small number of addresses that need to be revoked are manually added to a backlist.
Both Gmail and Fastmail supports "+something" in the local part of your email address, so you can just add a foo+*@domain filter to block everything or move it to a folder, and then add a foo+someapprovedsender@domain filter before it for anyone you want to reach your inbox.
Almost every provider (social media, banks, websites and spammers) also know this, and routinely remove anything after + in @gmail addresses.
Indian Retirement Fund website, NPS, government operated, will take your abc+nps@gmail.com at signup, no errors, but will not let you login saying, Email Not Found. You have to login with abc@gmail.com to get in your account.
All the places I've given addresses like that dutifully e-mails to the right place, so I guess I must've gotten lucky. But if you use your own domain with Fastmail (which I'd recommend anyway, so you have an easy way of moving elsewhere if you need to - how I was able to migrate to Fastmail from Google relatively painlessly in the first place) you can also set up catchall addresses so you can use the whole local-part instead:
Fastmail supports both yourname+foo@example.com and foo@yourname.example.com. I use the latter precisely to avoid the problem of sites that don't play well with plus addresses.
