Do Gmail aliases have any anti-spam value whatever?
 

In this article Google explains the concept of a Gmail Address Alias, as follows.

Using an address alias

Gmail doesn't offer traditional aliases, but you can receive messages sent to your.username+any.alias@gmail.com. For example, messages sent to jane.doe+notes@gmail.com are delivered to jane.doe@gmail.com.

You can set up filters to automatically direct these messages to Trash, apply a label or star, skip the inbox, or forward to another email account.

I may be missing something very fundamental here, but it would seem pretty clear that all a spammer (program) has to do to get the 'real' Gmail address is to remove the +notes from the above example to obtain jane.doe@gmail.com. In general, just remove everything from the + to the @gmail.com, including the +.

If so, what on earth is the point of Gmail aliases? I'm deeply puzzled...

Gmail doesn't advertise email aliases as an anti-spam measure.

The point of Gmail aliases is explained in the last paragraph of the text you quote. You may consider these suggestion pointless or useful, that's your choice.

To get true aliases while using the Gmail interface, you actually need to have your own domain and use Google Apps. There you can have 'nicknames' (Google's word for aliases) that are easily made and deleted.

But I believe I heard someone say once that they successfully used the Gmail "alias" feature (using the "+") with some online service (Craig's List ?). The automated system sent mail to the username+whatever@gmail address, but the main address never got spammed -- or at least not yet. ;)

Thanks to you both. I will have to look into the "own domain plus Google Apps" method of email aliases, to see if it does what I'm after.

This page provides a summary of the feature. :)

FWIW, in my GA account I have one domain hosted and one user (myself, the administrator). In an attempt to have a little more security, I created a complex, alphanumeric username which I use only for logins. Then I created a nickname (or two) which I then use for actual email activity. Hopefully, that way anyone trying to break into my account will not only have to know the password (which in my case is over 22 characters) but also the login username which is other than the email address that the would-be hacker may be aware of.

Of course, you can also simply have the admin account for administrative purposes only and then create many user accounts for yourself (some for 'alias' purposes), which will forward to your 'main' account.