In our setup most internal users have an automatic forwarding of their EMails to an external EMAil-Provider. (This is done to bypass local-site connection and use teh EMailhosting  from anywhere in the Internet).
TO archive this each user has his corresponding EMail-Hosting address setup in User-account --> advanced settings --> MAil --> Forward email address (https://docs.software-univention.de/manual/5.0/en/mail/management.html#assignment-of-email-addresses-to-users).

Recently I disabled some user-accounts in UCS and also at EMail-hosing. As some internal services still address these disabled UCS-users I got some bounces from EMAil-hosting. 
So EMAil are still forwarded, even the user is disabled. This seems unintended, AS this way information might get leaked. When forwarding to a not company-controlled EMail-hosting, the use will be able to receive EMAils (used by services, existing EMail-threads or directly) addressed to him on the forwarded address.

I expect that no emails are forwarded for disabled / locked accounts.