Maximo does not support insecure attachments in MAS. There is no web server (such as IBM HTTP Server) to serve those attachments. You'd need to customize Maximo to do something like this. For example, you can create your own API route with a custom java class and say that it is before authentication to serve those attachments without requiring credentials similar to how IBM HTTP Server would normally behave. Your URL would be different (/maximo/api/doclinks for example) but it should be doable.
But I would strongly advise against exposing attachments without authentication. Even if you have no plans to ever run in a cloud environment, you can never use the attachment functionality for anything even remotely sensitive (POs, sensitive information on assets like IP addresses, etc.) because anyone can access the file. Maximo restricting you to attachments you have visibility to see is a critical security feature.
If this is to support some specific use case (IE you have logos in attachments that you want to show in a BIRT report easier, though you can use the REST API to display secure attachments), I would try and move that specific use case out of attachments into an external repository and use URL links instead.