Unless there already are explicit and specific clauses in information security and network policies you and others are subject to, I'd like to question if
you are authorised in any way to handle and scrub outgoing e-mail. If there is no policy then you probably should not be doing this, no matter the consequences. I'd urge you to seek advice first. If this ends up to be about some legal situation you may actually be weakening your position.
Wrt filtering take look at the hints in Filtering Outbound Mail with procmail
and Copying All Mail to an Archive