Possible DOS on MDConfig (MDaemon)

MDaemon mail server for Windows comes with a utility called MDConfig to
remotely administer a MDaemon server.
To establish MDConfig connection to a MDaemon server, an administrator must
enable MDConfig server on the server machine. Connection will be established
on a predefined TCP port, by default 3002. Connection procedure is similar
to these:

–> telnet servernameORipaddress 3002
+OK domainname MDCONFIG interface ready
–> VERS {ENTER}
-ERR MDConfig v3.5.0 required (we identify the server version here,
connection closed)

Try to connect again:

–> telnet servernameORipaddress 3002
+OK domainname MDCONFIG interface ready
–> VERS MDConfig v3.5.0 {ENTER}
+OK MDConfig v3.5.0 acceptable (Connection established)
—> USER anyname
+OK <anyname> got it

Here just wait without giving any password. The server will be waiting until
either the correct password is entered or the inactivity timeout period
(possibly 10 minutes). During this period you can press ENTER to avoid
timeout problem. Inactitivity time will be reset back to 10 minutes and
restart countdown.

OK, the problem or the possible DOS attack on MDConfig is here. Now open
another telnet session and try to connect. The connection will be refused.

So, malicious user can esatablish a connection and maintain the link and
any MDaemon administrator who try remote administer the server will be
refused connection.

Isn't it bit annoying and ALT+N must take care of it?

Riyad
Sri Lanka