Both DROP and REJECT do drop the incoming packet. The difference is that REJECT sends a reply that explains why it did drop.
The --reject-with icmp-host-prohibited specifies what reply the REJECT sends. In this case it sends an ICMP packet of type "this host does not want to talk with you". The reject-with is not part of the "match rule", it is part of the "(re)action".
When you try to create a connection, you send a packet and then wait until you receive a reply -- or reach time-out. If you quickly receive a reply that connection cannot be created, then you don't have to wait long. The REJECT is polite and you surely want to be polite to friends?