Dreamhost’s IMAP server does lock an account after some threshold of failed login attempts is exceeded. I ran into this when I implemented a bunch of post-Heartbleed password changes, and had overlooked updating the credentials on some mobile devices that kept polling frequently with the old credentials.
I got the impresion that it was a pretty high threshold to trigger the lockout.
Keep in mind that there are at least 4 other ways for someone to access your email credentials (POP, web mail, password change web form, SMTP relay), and they may nnot implement lockouts or the same thresholds.
Your best defense is to use strong passwords, and make sure all your mail clients are using encrypted connections (TLS, SLL, HTTPS).