Comment by fragmede

yes, but service is too guessable, so append a randomly generated nonce as well, eg service_rjfh34@example.com. It doesn't need to be cryptographically random, just non trivially guessable to prove the service is leaking email addresses.