RSS & Viruses?
RSS is an xml file, which by definition is an ASCII text file with mark up. It is an interpreted file. By itself, it cannot execute a virus. The only potential risk would be within the feed's description field, which can carry html data. Viruses can be embedded within html, but there is no more risk to allowing RSS feeds than allowing employees to use html email, or to surf the web.
Also, consider the facts. Email recipients never choose to get spam, and web surfers cannot anticipate clicking on an expired domain that's been redirected to an unsavoury website. RSS users, on the other hand, choose their content sources. On that point alone, which technology would you trust?
Thanks to Connie Crosby & Simon Fodden for the offline discussion. All three of us were asked this question, and echoed the points above with resolve.