Unless there already are explicit and specific clauses in information security and network policies you and others are subject to, I'd like to question
if you are authorised in any way to handle and scrub outgoing e-mail. If there is no policy then you probably should not be doing this, no matter the consequences. I'd urge you to seek advice first. If this ends up to be about some legal situation you may actually be weakening your position.
Wrt filtering take look at the hints in
Filtering Outbound Mail with procmail and
Copying All Mail to an Archive.
