ideally the server hosting at example.com should be smart enough to redirect only to 200 OK results
You can do this on your own server, but I really don't think it's viable on shared hosting. The server would have to perform some equivalent of the -d and -f test on every request, and pore over your htaccess to make sure the request isn't coming from someone who will end up being blocked (core comes after all mods including rewrite). You're looking at a significant detour into a php script for every single request, because a server-level redirect on its own would happen before the request ever reaches your individual site.
You can cut back a little bit by doing the 301 yourself instead of letting the host do it. But it still won't affect your core-level lockouts.
But it really isn't that big an issue. I track redirects for other reasons, and the 301-to-403 sequence-- or 301-to-301-to-something-else-- is very rare. In fact the most common occurrence of 301-to-301 is from major search engines that intentionally ask for the wrong form of the name.