Hi Sebastion,
Well, from my firewall logs, the module is making anonymous access requests to the Internet, which is normal, as IE also does that by default first, too. However, IE will receive a notification from the Proxy/Firewall that authentication is required, then IE will pass the currently logged in users' credentials and get access, if the rules allow.
Typically, it is not a good security practice to allow all outbound traffic to every machine or user on the network, so even though my portal's application pool account is run under a low level AD Domain account, portal modules cannot just go out to the Internet and access any site they want because that low level account has no access permissions. It obviously can respond to inbound requests without a problem.
Anyway, this type of setup clearly causes more work for the admin to determine what custom Firewall rules must be written to allow needed outbound access for various internal systems and applications, but at least it's not a "free for all".
So, having said all that, the idea was to allow an admin to create a new "special" low level AD account that would be configured with general outbound http access, and then enter those credentials into the modules settings for it to use to access RSS sites.
I'm sure this is more complex than anyone else cares about. I just like to have strict security controls in place so I know where outbound traffic is originating from and why.