The problem with the + notation is twofold: First, not all places accept the + character; second, you've now revealed your actual e-mail address (since foobar@gmail.com is just as valid as foobar+dontspamme@gmail.com).
I use a subdomain with catch-all, like me.example.com. Everybody is fine with subdomains and then I can use companyname@me.example.com. Using that format doesn't expose my actual e-mail address and makes it easy to filter (if match companyname, immediately bin and never tell me).
Additionally you cannot send an email from foobar+dontspamme@gmail.com. If you aggressively use the + character for legitimate signups but need customer support they may not be able to find your account as easily (e.g. "we couldn't find an account associated with e-mail foobar@gmail.com").
For me, the actual email problem isn't huge - my first line of defense is giving out a burner email unless I want the primary site to be able to contact me. So I don't expect to get truly hammered with spam, and just want a way to know what happened if someone does sell the address.
The invalidation issue is a bigger one, and a subdomain is certainly a better solution for it. Disposable emails and the + notation are nice for people who either don't want to leave gmail, or are bound to it via college or company email system. They aren't the best cure, though.
I use a subdomain with catch-all, like me.example.com. Everybody is fine with subdomains and then I can use companyname@me.example.com. Using that format doesn't expose my actual e-mail address and makes it easy to filter (if match companyname, immediately bin and never tell me).