As your module is doing a good job, you might consider adding a filter that converts firstname.lastname@example.org to email@example.com, where the added hex string contains the encrypted timestamp and remote ip-address of the address harvester.
If one receives spam to such an address, he knows the IP address of the harvester and can try to prosecute the spammer.
See Anti-Spam Mail Address Encoding (with encrypted IP-Address) for two subs doing the encoding/encrypting
alex pleiner <firstname.lastname@example.org>
zeitform Internet Dienste