According to the RFC specifications for email addresses, "+" is a valid symbol when used before the "@" symbol. The "+" gives you an unlimited number of email addresses that all deliver to one account, automatically. You can create your own email addresses using this technique, with no intervention from IT. Most Internet web forms do not allow the "+" sign to be entered in an email address, and those validation programs are wrong.
Consider this: JohnDoe@gmail.com = JohnDoe+nospam01@gmail.com = JohnDoe+nospam02@gmail.com
In this situation, all email will still get routed to the base address (JohnDoe@gmail.com), but because the "to" address is technically different, it can be filtered easily. In the case of JohnDoe+nospam01, the email address can be given to anybody who may spam. After a while, JohnDoe+nospam01 can be turned off in email filters and JohnDoe+nospam02 can be activated. Anything after the "+" is treated essentially as a comment and ignored by the mail server. This allows your mail client to do tricks based on that content.
Items to consider:
* Anyone collecting email addresses online should think about looking at their email address validation routines and making sure that a "+" in the prefix is an allowable character.
* While Gmail is used in the example, other email addresses should work.
* This is not a cure for spam, since the comment can be parsed out to recover the base address.
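The following is an added example, not code from the original page: a form-side validator that accepts "+" in the part before the "@", shown next to an over-strict pattern of the kind criticized above, plus the tag stripping that the last bullet warns about. The function names are illustrative, the character set is the RFC 5322 unquoted local part, and quoted local parts and IP-literal domains are assumed out of scope.

```javascript
// Added example; names are hypothetical and sample addresses are constructed.

// RFC 5322 "atext": characters allowed in an unquoted local part. "+" is one.
const ATEXT = "A-Za-z0-9!#$%&'*+/=?^_`{|}~-";
const LOCAL_RE = new RegExp(`^[${ATEXT}]+(?:\\.[${ATEXT}]+)*$`);
// Hostname labels: letters, digits, hyphens; no leading or trailing hyphen.
const DOMAIN_RE =
  /^(?:[A-Za-z0-9](?:[A-Za-z0-9-]{0,61}[A-Za-z0-9])?\.)+[A-Za-z]{2,63}$/;

// An over-strict pattern of the kind the text calls wrong: it rejects "+".
const OVERLY_STRICT_RE = /^[A-Za-z0-9._-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$/;

// Split an address into mailbox name, "+" tag and domain; null if invalid.
function parseAddress(input) {
  if (typeof input !== "string" || input.length > 254) return null;
  const at = input.lastIndexOf("@");
  if (at < 1) return null; // no "@", or nothing before it
  const local = input.slice(0, at);
  const domain = input.slice(at + 1);
  if (local.length > 64) return null;
  if (!LOCAL_RE.test(local) || !DOMAIN_RE.test(domain)) return null;
  const plus = local.indexOf("+");
  // A "+" in first position leaves no mailbox name, so treat it as untagged.
  const user = plus > 0 ? local.slice(0, plus) : local;
  const tag = plus > 0 ? local.slice(plus + 1) : null;
  return { local, user, tag, domain: domain.toLowerCase() };
}

// What a list cleaner can do: drop the tag to recover the base mailbox.
function baseAddress(input) {
  const parsed = parseAddress(input);
  return parsed ? `${parsed.user}@${parsed.domain}` : null;
}

// Constructed samples: the strict pattern and the RFC-based check disagree
// only on the tagged addresses.
for (const addr of [
  "JohnDoe@gmail.com",
  "JohnDoe+nospam01@gmail.com",
  "JohnDoe+nospam02@gmail.com",
  "John..Doe@gmail.com",
]) {
  const strict = OVERLY_STRICT_RE.test(addr);
  console.log(addr, "| strict:", strict, "| base:", baseAddress(addr));
}
```

Storing the submitted address unchanged and using `baseAddress` only for duplicate detection keeps the user's filtering tag intact.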