Currently, anyone within an organization could set up mail forwarding and send all their communications to an insecure email, essentially exfiltrating company data. As an organizational admin, I would like to disable this for security reasons. I think this setting could live near the 2fa/mfa settings so that as an admin, I can lock down this functionality.