Well a real DMZ is not just a server behind a firewall, more ideal you have a firewall between the internet and your net, then your DMZ machines, than the inner DMZ Firewall and than the "normal" PCs. Everything else is not really safe just by saying forwarding all stuff to one PC, thats not a DMZ. Because if the "DMZ-PC" is hacked you can still access the rest of the LAN from that machine, but not if you have a firewall between that machine and your LAN.
So it would look like this:
WWW - FW - DMZ - FW - LAN
I would not use Windows XP for that (even if you can, e.g. with Kerio or sth. like that), but in my eyes it is more easy using some linux with e.g. fli4l or ipcop for that.