I am new to Linux and Ubuntu. I googled and read some articles stating that all ports are closed until they are opened manually by the user. Is it correct?
And what do you mean by "listening on a port" and "a port is established" in simple terms?
Depends on what you see as "user". The user usually does not say, "hey please open port X". System services (such as CUPS for printing, UDP/TCP port 631) open a port for listening. Other examples include an HTTP server (TCP port 80), a DNS server (UDP port 53) and an SMTP (mail) server (TCP port 25).
So far I have only mentioned ports, but a program must also specify an address to start listening on. It is important to understand that programs can listen locally (IPv4 address 127.0.0.1, IPv6 address ::1) or on an address such that the service becomes accessible by other devices on your network (using your network address, e.g. 10.0.1.4). There is also a "wildcard address" (0.0.0.0 for IPv4, :: for IPv6) which is also accessible remotely. Ports are indeed "closed" until a program starts listening on them.
The sudo netstat -tulpn command can be used to show listening TCP/UDP programs. On a default Ubuntu desktop installation, this shows:
Here, you can see that avahi-daemon is accessible over the network on UDP ports 59296, 5353 and 53537. The latter two are standard for avahi-daemon, the first is a random address that is probably communicated using the other two ports. This daemon is used for "network discovery" and allows you to do things like "file sharing". There is also a DHCP client listening globally on port UDP 68.
Some services only listen locally and are not accessible over the network. These are the DNS cache service dnsmasq (UDP port 53) and the printer service CUPS (TCP 631).
There is no notion of an "established port", only an "established connection". A port that is open for listening is backed up by a program which is interested in data flowing in that port. These ports are typically static, HTTP runs on TCP port 80, DNS on UDP port 53. These standards allow other network devices to find your service quickly.
A TCP connection is established when both network devices agree that they want to talk to each other.
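As an added example (not part of the original answers), here is a small Python script that reads rows in the format of Linux's /proc/net/tcp, the table netstat itself reads, tells LISTEN sockets apart from ESTABLISHED connections, and marks whether each listener is bound to loopback, a wildcard address or a specific interface. The sample rows are constructed, not output from a real machine.

```python
import ipaddress

# Kernel socket state codes as printed in the 'st' column of /proc/net/tcp.
TCP_STATES = {"01": "ESTABLISHED", "0A": "LISTEN"}

# Constructed sample rows (not a real machine's output): CUPS listening on loopback,
# an HTTP server on the wildcard address, one established connection 10.0.1.4 -> 10.0.1.5:80.
SAMPLE_LINES = [
    "  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode",
    "   0: 0100007F:0277 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 11111 1 0000000000000000 100 0 0 10 0",
    "   1: 00000000:0050 00000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 22222 1 0000000000000000 100 0 0 10 0",
    "   2: 0401000A:C350 0501000A:0050 01 00000000:00000000 00:00000000 00000000  1000        0 33333 1 0000000000000000 20 4 30 10 -1",
]

def parse_proc_addr(field):
    """'0100007F:0277' -> ('127.0.0.1', 631): IPv4 is little-endian hex, port is hex."""
    addr_hex, port_hex = field.split(":")
    ip = ipaddress.IPv4Address(int(addr_hex, 16).to_bytes(4, "little"))
    return str(ip), int(port_hex, 16)

def listener_scope(ip):
    """Who can reach a listening socket bound to this address."""
    addr = ipaddress.IPv4Address(ip)
    if addr.is_unspecified:      # 0.0.0.0: every interface, reachable from the network
        return "wildcard"
    if addr.is_loopback:         # 127.x.x.x: this machine only
        return "local only"
    return "specific interface"  # e.g. 10.0.1.4: reachable from that network

def classify(lines):
    """One dict per socket row: state, local endpoint, plus scope (listener) or peer (connection)."""
    results = []
    for line in lines:
        parts = line.split()
        if not parts or parts[0] == "sl":   # skip the header row
            continue
        local_ip, local_port = parse_proc_addr(parts[1])
        remote_ip, remote_port = parse_proc_addr(parts[2])
        state = TCP_STATES.get(parts[3], "OTHER")
        entry = {"state": state, "local": f"{local_ip}:{local_port}"}
        if state == "LISTEN":
            entry["scope"] = listener_scope(local_ip)    # a listener has no peer yet
        elif state == "ESTABLISHED":
            entry["peer"] = f"{remote_ip}:{remote_port}"  # a connection always has one
        results.append(entry)
    return results

if __name__ == "__main__":
    for entry in classify(SAMPLE_LINES):   # swap in open("/proc/net/tcp") on a Linux box
        print(entry)
```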
That statement is not correct. What is true is that very few services are installed by default. And where no service is waiting to be contacted/asked (that's what "listening" means) there is no need to close that port.
But by default every installed service is running and no firewall rules are set to prevent anyone from contacting the service.
As for the additional question: "ports" are like phone extension numbers, they designate one program talking via this number like a phone extension number designates a person or one department within an enterprise.