Limiting mirc (except for $decode maybe, which really has no use in command line) to "protect" users is a really bad idea and only ends up annoying users. A lot of people use this feature (which you call exploit) to send multiple commands to the server in one packet (thus eliminating any delay between those commands, a common example is ban+kick) and wouldn't like to see it gone.
The argument "users can be tricked" isn't valid because users can be tricked into typing/doing anything. Why should LF sending be disabled and not for example /run? Or /remove? Or $findfile()? I could go on forever listing commands that are 10 times more dangerous than allowing LFs. The point is, mirc shouldn't be crippled because some users don't know better than typing whatever they're told on IRC. The best you can do for these types of problems is user education: help channels, websites etc.
