I recommend using SES. Amazon sets up the DNS records and adds signatures to the messages, greatly reducing the chance they will be flagged as spam. And it's easier to do than setting up your own SMTP server. There's even an Amazon AWS SDK for node.js that supports SES.
If you use SES you do not need to open port 25. You don't need to open any incoming ports; you connect to SES via a normal https URL. (You don't need to open any incoming ports to use SMTP or sendmail to send mail out, either.)