# iptables -A INPUT -p tcp -m tcp --sport 25 -j ACCEPT
Unless you want to restrict traffic to that originating
on port 25, you don't need this line. All this rule does is prevent a remote user from running their service on a different port. If that is what you want to do, fine, otherwise just stick with the first line.