tl;dr: Some ISPs block port 25 outbound.
For a project I’m involved with, I wrote an email server only for receiving email. My intention was to host this on AWS. AWS block port 25 outbound in order to protect AWS from being used for spam, but everything I read about this indicated this was only for outbound (sending email) not inbound.
I deployed my server to an AWS EC2, opened port 25 inbound in my security group, and attempted to send a test email from my laptop and… nothing. My email server never received the connection attempt.
Opening port 25 outbound requires an AWS support ticket with justification. But that’s just for outbound.
It turns out: my ISP blocks port 25 outbound. This is also a spam prevention measure. I tested from another cloud provider where I have an old server that doesn’t have a port 25 restriction and successfully tested sending an email.