What is the progress of improving voicemail security? Not having password lockout policy in place essentially leaves mailboxes vulnerable to brute force attacks. Although maxlogins and externpasscheck to some extent do help, a persistent attacker will continue attempting to access the mailbox since it will never lock out.
I’m not aware of anyone working on app_voicemail to address your concerns. Perhaps this is something you’d like to take up with code improvements that you make to app_voicemail?