Security risks of allowing incoming traffic as a response of a previous request

view story

http://serverfault.com – I understand that somebody would want to block incoming traffic as a general rule except for public resources. And I also understand that you could want to block all outgoing traffic except for certain external services. But is there any serious security risk if I allow incoming traffic that represents responses to previous outgoing traffic, e.g. HTTP requests? (HowTos)