My server is running Ubuntu 10.04.4 LTS and I want to reject traffic to port 25. The goal is this:

$ telnet {ip} 25
Trying {ip}...
telnet: connect to address {ip}: Connection refused
telnet: Unable to connect to remote host

I've tried using iptables directly, but that failed. Instead, I'm now trying ufw:

$ ufw reject 25

However, it doesn't work as expected:

$ telnet {ip} 25
Trying {ip}...
# Waiting for a minute…
telnet: connect to address {ip}: Connection refused
telnet: Unable to connect to remote host

If I try the same with any other port (say, 23), it works without the waiting time. This is strange, because nothing is going on on port 25 according to netstat.

How can I reject traffic to port 25 directly, without this delay?
Note that the same technique on another server worked.



Update: here's the relevant part of iptables:

Chain ufw-user-input (1 references)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:ssh 
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www 
ACCEPT     udp  --  anywhere             anywhere            udp dpt:www 
REJECT     tcp  --  anywhere             anywhere            tcp dpt:smtp reject-with tcp-reset 
REJECT     udp  --  anywhere             anywhere            udp dpt:25 reject-with icmp-port-unreachable 
REJECT     tcp  --  anywhere             anywhere            tcp dpt:telnet reject-with tcp-reset 
REJECT     udp  --  anywhere             anywhere            udp dpt:23 reject-with icmp-port-unreachable

Update: answers to comments

  • ufw deny 25 does not work either.
  • I'm connecting from a remote location.
Ruben Verborgh

1 Answer

tcpdump time:

tcpdump -s0 -w /tmp/tracefile.pcap tcp port 25

CTRL-C when done testing, then load the file up in Wireshark.

adaptr
  • Done that, but strangely enough I get "0 packets received by filter", "0 packets dropped by kernel". Could that mean some other firewall is intercepting traffic to port 25? (Doing the same with the blocked port 23 results in 2 received packets.) – Ruben Verborgh Jan 16 '13 at 18:30
  • The traffic never reaches your server. – adaptr Jan 17 '13 at 08:21
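An added diagnostic (my own, not code from the question or the answer) that turns the symptom in the question, a long wait before "Connection refused", into a verdict: an immediate refusal means a TCP RST or ICMP unreachable answered the SYN, so the REJECT rule fired; a timeout, or a refusal only after a long wait, means the SYN is being silently dropped on the host or somewhere upstream, which is consistent with tcpdump on the server seeing no packets at all. It assumes Python 3 and an IPv4 target; the threshold and the verdict strings are my own choices.

```python
#!/usr/bin/env python3
"""Tell a REJECT from a DROP by how a TCP connect() fails and how long
it takes.  A working REJECT answers the SYN at once (RST or ICMP
port-unreachable), so connect() fails with ECONNREFUSED within one round
trip.  A silently dropped SYN gives a timeout, or a refusal only after
the kernel has retransmitted for a while."""
import errno
import socket
import sys
import time

# Constructed threshold (assumption): a refusal slower than this was not
# triggered by the first SYN; something in the path swallowed it first.
FAST_REJECT_SECONDS = 2.0


def probe(host, port, timeout=10.0):
    """Try one TCP connect; return (outcome, elapsed_seconds)."""
    start = time.monotonic()
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        outcome = "open"
    except ConnectionRefusedError:   # RST or ICMP port-unreachable came back
        outcome = "refused"
    except socket.timeout:           # nothing came back before the deadline
        outcome = "timeout"
    except OSError as exc:           # e.g. EHOSTUNREACH from a router
        outcome = errno.errorcode.get(exc.errno, "OSError")
    finally:
        sock.close()
    return outcome, time.monotonic() - start


def classify(outcome, elapsed):
    """Map a probe result to a verdict a firewall admin can act on."""
    if outcome == "open":
        return "open: the SYN was accepted, the rule is not matching"
    if outcome == "refused" and elapsed < FAST_REJECT_SECONDS:
        return "reject: SYN answered at once with RST/ICMP, the rule works"
    if outcome == "refused":
        return "drop-then-reject: first SYN swallowed, likely upstream; capture on the host"
    if outcome == "timeout":
        return "drop: SYN silently discarded on this host or upstream"
    return "unreachable: %s returned by a router in the path" % outcome


def closed_local_port():
    """Self-check helper: a loopback port with nothing listening on it."""
    with socket.socket() as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]


if __name__ == "__main__":
    host, port = sys.argv[1], int(sys.argv[2])   # e.g. {ip} 25
    outcome, elapsed = probe(host, port)
    print("%s:%d -> %s after %.2fs: %s" % (host, port, outcome, elapsed, classify(outcome, elapsed)))
```

Run it from the remote location against the server and port 25, then against port 23 for comparison; a "reject" verdict on 23 and "drop" or "drop-then-reject" on 25 points at a filter in front of the server rather than at the ufw rule.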