iptables problem with ftp

I have a pretty stock iptables script. One rule allows active ftp from an outside IP address. To troubleshoot it, I opened up ftp to all connections from the outside.
When a user outside our domain connects via FTP, they are denied. If I flush the rules, the ftp takes place successfully. This seems pretty simple, but I don't know what to try next.

Below are the applicable rules.

# flush all rules
/sbin/iptables -F

# perform stateful inspection of packets (bypasses all fitler rules)
/sbin/iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT

# FTP from the outside
/sbin/iptables -A INPUT -p tcp --dport 21 -j ACCEPT
/sbin/iptables -A OUTPUT -p tcp --sport 20 -j ACCEPT

# Drop all other incoming, allow outgoing, drop forwards
/sbin/iptables -P INPUT DROP
/sbin/iptables -P FORWARD DROP
/sbin/iptables -P OUTPUT ACCEPT

#Save iptables, so reboot will activate all rules
/sbin/service iptables save

what do you mean by denied? Are they completely blocked? Does the connection hang? Do they get connection refused? Do they get a login prompt? Any entries logged to /var/log/messages on what packets are getting blocked? Are they using passive mode?

Thanks for your reply.

I am using and Expect script that enters all the login information for the remote site to ftp to my site. I can see the script doing all the processing that it is supposed to do, creating the file, but then it can't make the ftp connection. It just times out. If I flush the rules, it makes the connection with no problem.

Since a connection is not being made, there is nothing being logged in /var/log/messages. I don't believe that they are using Passive mode.

I guess I can try adding some logging to the iptables ftp rule.