As we have started using conditional access and MFA, we are also looking to block legacy authentication this is a recommendation by Microsoft.
Legacy authentication can bypass your CA polices, I had thought disabling MAPI and others per user would be enough, but unless you disable/block the legacy authentications your really not protecting your tenant.
Here are the links I found about setting up conditional access to block legacy authentication. I had one time found a report that would tell you who/what was still using the old authentication methods. I’m still trying to find that again. If you know please leave it in the comment below.