[eluser]Randy Casburn[/eluser]
i'm thinking here, but off the top of my head the first risk you'll face is a deposited text or other type of file. It will incrementally become an executable script in stages. Even during the course of a month or so. Once that happens, you've potentially become a spam source. This is a fear with any publicly accessible site with a scripting upload capability. But let me re-read your post and think on this.
I'm working on the same project - different name, different objective, different customer base. Same type product design I suppose. Would love to talk some time.
Randy