The woes of supporting an "I don't want to leave any crumbs" threat model. There are countless of pro-privacy projects who call themselves that simply because their service can be used to increase privacy, but they do not actually do much to protect privacy beyond that. Many even use Google Analytics.
For B, simply support both. This site is popular enough for there to be no risk sharing: Guerrilla Mail.
Take a look at your network requests though, there isn't a single third-party script running on the site.
I understand what you mean, but it has to apply to the use-case.
If the service I was running was to support journalists, then I would agree with you, but taking these measures would help promote spam as users would be able to get around the rate-limiting that I've set.
For B, simply support both. This site is popular enough for there to be no risk sharing: Guerrilla Mail.