"is that it makes for the perfect denial of service attack"
Not if it also logs the IP the attacks come from - even my hmailserver does that when it blocks too many logon attempts. And hope you have still ways to access the server from a VPN and internal IPs that can't be easily DoSsed...