Stop email auto-forward
Watch: Stop auto-forwarding emails
If a hacker gains access to a user's mailbox, they can auto-forward the user's email to an outside address and steal proprietary information. You can stop this by creating a mail flow rule.
From the Microsoft 365 admin center, select Exchange, mail flow, and on the rules tab, select the plus sign and choose create a new rule.
Select More options. Name your new rule.
Then open the drop-down for apply this rule if, select the sender, and then is external internal.
Select Inside the organization, and then OK.
Choose add condition, open the drop-down, select The message properties, then include the message type.
Open the select message type drop-down, choose Auto-forward, then OK.
Open the Do the following drop-down, select Block the message, then reject the message and include an explanation.
Enter the message text for your explanation, then select OK.
Scroll to the bottom and select Save.
Your rule has been created, and hackers will no longer be able to auto-forward messages.