While I'd like this too, there is the complication that spamgourmet owns many domains. I don't use *.firstname.lastname@example.org, but rather *.me@<other-spamgourmet-domain>.net.
There was at one time the ability to use one's own domain as a spamgourmet domain (see their FAQ). I did contact the dev's to let me use one of my domains, but I didn't get any response.
Good point, I missed it too.
Note that when we verify a domain, which I did via a txt record, we are then told we can delete the record. What happens if the domain changes hands? I'd suggest the txt record should stay and that it should be checked before new notifications.
I missed it, but it is possible to monitor a domain. See here:
I'm concerned only with #2: Option to monitor a domain. If we leave the TXT record in the domain, then perhaps you could alert us when there is any new breach containing emails from that domain.