I'm sure this would cause people to greatly hate your server though, since it would seem as if the server is lagging terribly.
Sounds like a bad idea, but then again, I'm responsible for some pretty bad "ideas" myself (cough, fake bot avatars + ping.)
As far as a server-side plugin though, you have no real control over what clients do. Most client-side effects that are created are already programmed into the game's client and sent via "UserMessages" in a packet from the server to the client. Which, can lead to an "assumed" control over the client. For example, it's somewhat popular for evil admins to send a temp entity (effect) to a client with a garbage value to cause a crash.
Now, there is one little exploit where you could force a client to download a server plugin to be autoloaded, then the dll could run any code you want. However, I believe Valve recently patched this (since many users were using client-loaded server plugins for cheating purposes.)
Honestly, I'm a bit out of the loop though. I've not really played anything in several months (except when I grabbed Portal 2, finished it and all co-op).
I'm sure someone who knows a lot more about exploits could come up with some clever way to get a client to hash, but I believe it would be terribly ineffective.
Short answer; the code doesn't "allow" for this, but an exploit may be possible. After all, µTorrent's code doesn't "allow" for a fake upload modifier, but that doesn't stop memory injection ;-)