That just makes the usefulness of the O365 groups about half as useful as it could be. Instead of just keeping each individual team's group up to date and then nesting it in the department group I now have to duplicate work keeping both groups up to date. 

Well, you're entitled to your opinion, but before you make such an assertion you should consider the purpose of the different groups and why those groups exist. A security group is intended to secure resources to a set of accounts. The way that security groups function has not changed much since Windows NT 3.1 in 1993. An Office 365 group is a new entity intended to allow members of the group access to various shared resources belonging to the group across multiple workloads. The two purposes are entirely different. You can't compare one to the other apart from the fact that they are two types of groups.

This limitation is kind of crazy, sorry.  There's all these microsoft pointers to get everyone to use Office 365 groups instead of distribution groups, but they are completely two different things.  Why can't we at least forward email out of an office 365 group?  I just think it is another rushed half baked ms feature...

Why do you want to forward email out of a group? To where?

It's easy to do this. Just add the address you want to receive the forwarded email as a member and make sure that their address is subscribed to the group... That address then receives a copy of every message sent to the group, which is an effective auto-forward.

I'm was mainly just pointing out another feature limitation, that is available in shared mailboxes.  All I wanted to do was to simply add the office 365 group email address to a distribution group.  Can't be done.  So what I had to do was create a contact email address using another domain that we have control over, I set that email to forward back to the office 365 group, then I added the contact email to the distribution group.  This works, but there is no reason we should have to go through this just to accomplish a simple task, other than the fact office 365 groups are still somewhat undeveloped at this time.  

You can add an Office 365 Group to a distribution group with PowerShell.

Add-DistributionGroupMember -Id DL -Member O365Group

Just because the GUI doesn't allow something doesn't mean that it cannot be done. This is why I recommend that all Office 365 Admins understand how to use and exploit PowerShell.

Or you could just read Office 365 for IT Pros and learn all the tips we have in that book... ;)

I always forget about the eternal battle between gui and command line, but I still prefer gui.  Maybe MS will add it someday.  Thanks for the answer, and I'll read the book too when I can carve some spare time out.  

Yeah, people do get pretty focused on GUIs, but as I point out all the time, you might not be satisfied by what engineers design in a system... PowerShell does a great job, if implemented correctly,  of exposing the true potential of software. The cmdlets available for Office 365 Groups are pretty good. Those for Teams are awful https://www.petri.com/powershell-module-teams-critically-flawed. 

I understand the limitations once you turn a distribution list into an ACL.  But why would any mail platform provider choose to replace distribution lists altogether--it's crazy.  There are HUNDREDS of valid use cases for nested distribution lists which have nothing to do with security access to anything.  

For example, I'm in a (currently) very small tech company with limited IT needs.  However, one of the FIRST things we needed operationally was nested distribution lists, so that the ops team can easily get notifications from different components of the infrastructure with unique addresses, but without having to add the same people to every address.  You get a new tool, you create a group address for the tool so you can create an account using it and get its notifications, and simply forward it to the existing Ops team.

What's the proposed solution for this scenario?  Just keep using distribution lists or what?  I tell you what I'm NOT doing--buying some ridiculous additional tool just to accomplish what every other mail system on the planet does out of the box as basic functionality.

/mike

@Mike Mitchell distribution lists still exist and there's no plans to remove them, but also from your description I don't see why you wouldn't be better using an Office 365 group for your ops team anyway and get all the benefits of collaboration as well as email.