Forum OpenACS Q&A: Re: Possible bug in ACS Mail Lite
This reference  (ned freed) mentions that is is fine to set both the name and the filename parameters, and since thunderbird makes this as well, it should be fine when OpenACS does it also. However, i see no relation to "safety reasons".
From my point of view, please go ahead to commit the change. Hopefully, the content of $name is sanitized.
I have changed the code on my end so title is set and this should fix the problem without committing anything. Anyway, putting a one-liner to avoid empty names into content-type shouldn't hurt.
All this said, I really don't know what Libero provider is so worried about...
the only reason I am passing through file-storage to send attachments is that ACS Mail Lite currently needs a file to reside into the file-storage to send it as an attachment (as far as I know).
At the time I just wanted the feature up and running, so I didn't care, but you can tell yourself this approach is far from being optimal: I have to save my attachment into the file-storage, send the email, then delete it... and all of this needs to happen in a transaction in order to be safe.
It won't take forever to extend Mail Lite so it can also send attachments taken from a regular file on the server, and this would be very convenient for me.
I will propose you my change to see what you think