Ok, couple of things here:
SM xenex
Windows XP, Windows XP SP1 and Windows XP SP1a do not feature the same firewall as Microsoft are going to introduce with Windows XP SP2. Prior to SP2 the best Windows has to offer is the ICF - or Internet Connection Firewall, which is disabled as default and provides a minimum of protection compared to any of the mainstream offerings.
Service Pack 2 features an all-new Windows firewall, with much more in the way of features and control. As standard all outbound access is blocked and it's only when you use each application or port, that Windows will intervene and prompt the user as to whether they want to allow that program access to the outside world. Conscious that even their own browser can be made to do less than pleasant things when exploited this blocking includes Internet Explorer. Behavior is much more like ZoneAlarm and as a result ZoneLabs amongst others are trying to gear up for some kind of Antitrust action against Microsoft, believing noone will need to buy their application once SP2 makes it to market. Funny how people criticise M$ for security, and when they finally DO sort it out, someone is laying in wait to sue them.
The biggest problem is that it's enabled as standard, so no game or app will be able to reach the outside world without the user first granting permission. For most things that will be peachy, as it only requires a couple of clicks to allow communication, but for certain games, especially those which are prone to locking up or crashing when the user alt-tabs to desktop or the OS generates a popup, then that security prompt will leave the user unable to play online until the developers concerned fix their code.
Kryptos
I'd urge you to think twice before you try and act like the voice of authority on all things related to RFC standards or networking. Your jab at M$ over IPV6 support is completely inaccurate as IPV6 for XP/Windows 2000 has been available for almost 18 months now as a separate download - a part of their 'advanced networking pack'.
Your comments on firewall behavior also falls well clear of the mark, if properly maintained then the only way a hacker can make it past your firewall is by a known exploit or flaw. The MTA team shouldn't need to add anything to handle the SP2 firewalll either, as it makes its network connections whilst still within the windows environment, and any user using SP2 will be prompted as to whether they wish to permit MTA to access an external address with a popup.