Ethical, moral, and legal question concerning email

I have a business client that is a manufacturer of "large widgets" (I state this in order to protect the innocent). I have consulted my business lawyer concerning this dilemma; though tech-savvy, he was unsure of the legal issues.

My client wants to monitor both incoming and outgoing email on a specific employee on their business domain hosted through my company.

Here comes the ethical, moral and legal questions - I understand the desire of the client as he feels that his employee may or may not be sending intellectual property belonging to the company via email.

Ethically, I understand. Morally, I'm at an impasse (as in, is the employee really doing something malicious to his employer or not; if so, we can only determine this by "spying" on him). Legally, is this legal, as to me it amounts an illegal wiretap.

Gee, it's kind of like a "Schrodinger's cat" situation...with email.

Any input will not be taken as legal advice, so I hereby free you of that obligation....

Note of course that I'm not a lawyer and I don't play one on TV .

I don't see an ethical or moral problem, because your client owns the site and contracts with you. He has the right to determine what he does with email going through something he owns.

Legally, you really need to depend on your lawyer. You don't say in what country you're located. I believe in the United States most states will allow a company owner to post rules for using his systems, and probably even his domain name, and that if he notifies his employees in advance he can monitor all incoming and outgoing email through his systems and even through his domain. But you need to ask a lawyer in your specific jurisdiction.

However, practically, it's an exercise in futility. Today someone trying to steal intellectual property could easily enough do it with a browser, and a Hotmail or Google webmail account.

Jeff

Jeff, I'm not a lawyer and wouldn't want to play one on TV, no matter the salary. Anyway, I am in the US. I have talked to my business lawyer who is pretty savvy with tech law. So.....my client has asked me if I can make "copies" of at least all incoming email to their domain, and if possible, all outgoing email as well since we allow our business clients to send email through our servers (their domain).

I am not quite sure how to do this; I know that via DA I can set up a alias email and direct copies of all incoming email to that address. This raises an issue as the person in question has access to the DA control panel and would probably notice this - which in turn may raise red flags.

I've tried searching for an alternative means not only here but with major search engines to no avail, even going through pages on the exim website. It is quite possible that I overlooked the solution, but can anyone point me in the right direction to "capture" both incoming and outging email for a specific domain?

It's simple enough to do it from the command line, and since it's been discussed on these forums before you should be able to find it with a google search of just these forums:
Or we or others could offer it as a commercial service.

Jeff