
E-mail monitoring - to self-destruct, press 'send'

By Stephen Pritchard

Financial Times, 02 October 2002

It takes just a few milliseconds for an ill-considered e-mail to turn into career or even corporate self-destruction.

Earlier this year, a series of leaked e-mails at the UK's transport ministry forced the resignation of a high-ranking government adviser, the chief press officer and ultimately, the transport minister himself.

And the scandal over the shredded Enron documents, which did so much damage to the accountancy firm Arthur Andersen, first came to light from an e-mail.

Incidents such as these are giving managers serious pause for thought. It is relatively easy to block staff's access to pornographic websites. And while large companies now routinely scan incoming e-mail for viruses and inappropriate attachments, scanning outgoing or internal e-mails is still quite new ground.

"Most companies, if they do scan, just scan the top of the e-mails or use random sampling," says Peter Dorrington, principal initiatives manager at software company SAS Institute. "On the employee side, most people know that e-mails can be scanned, but generally they don't know whether their companies actually do it."

Unsurprisingly, financial services companies and banks are among the most likely to scan e-mail. It is also widespread in customer services operations, where there is a compelling need to ensure that staff are respecting customer confidentiality.

However, research by analysts IDC suggests that e-mail monitoring will become much more widespread: it predicts that the market for monitoring software will increase by at least 38 per cent in the coming year.

This growth reflects the fact that business increasingly sees e-mail as a mission-critical tool. But scanning e-mail poses dilemmas.

Restricting staff access to external web sites can be unpopular, but it is technically straightforward and reasonably practical. Arbitrary restrictions on e-mail, however, can seriously damage a company's communications with its customers and suppliers.

The challenge is to devise a system for e-mail monitoring that is cost-effective, not too restrictive, technically sound and which is also understood by the workforce.

A typical, first generation e-mail monitoring system checks e-mail traffic for banned keywords, and then alerts a supervisor. These systems have disadvantages: they are crude, creating a large number of false alarms or "false positive" results; they can be technically resource-intensive; and they rely on a human being to read blocked e-mails and decide on what action to take.

But several commercial systems alert supervisors only after the e-mail has been sent and the damage done. The alternative, quarantining mail, risks causing unacceptable delays if the message later turns out to be innocent.

"If a company wants to reduce their operational risk, then e-mail scanning has to take place in real time," says Steve Davenport, of PA Consulting's management group. "Everything else is damage limitation. The problem is that real time scanning creates quite a big processing overhead."

Mr Davenport, along with other experts on the technology, points out that the vast majority of harmful e-mails are not malicious, but are either accidental, or stem from a lack of knowledge of company policy.

Few people can honestly say they have never written an e-mail in the heat of the moment and pressed "send", or accidentally hit "reply" or, worse still, "reply to all" when they meant to forward.

"The majority of e-mail abuse is not malicious, but accidental," says Don Taylor, chief executive of scanning vendor Clearswift, which recently bought Baltimore Technology's MIMEsweeper. "It is so very easy to send an e-mail. When you had to write or send a fax or a telex, that took more time."

The idea of adding a big friendly "undo" button to e-mail systems is something both staff and IT managers might welcome.

Even when it comes to sending inappropriate or risky messages, most of us would rather a system caught the message automatically and flagged the problem than risk embarrassment or even disciplinary action once the mail has gone on its way.

And, aside from the sheer impracticality of reviewing thousands of e-mails by hand each day, manual review raises privacy issues.

A computer system that scans e-mails anonymously could well prove more acceptable than an arrangement where a large number of e-mails are referred to - and read by - a human manager.

Systems based on human monitoring are also vulnerable to deliberate deception, especially when they rely on random sampling. In response, software companies are developing scanning systems based on techniques such as data mining and pattern matching.

The technology can spot not just words, but more meaningful combinations of phrases. Pattern-matching software can also look for information across a series of e-mail messages.

Words that might appear innocent in a single e-mail could none the less be part of a series of messages that together point to criminal activity or other abuse. "Artificial intelligence is so much better at recognising patterns in words, and that is certainly an answer," says David Love, head of the European security group at Computer Associates. "But it is still expensive to do full-scale, online monitoring."

For companies worried about the risks of unauthorised, libellous or offensive e-mails, the cost could still be preferable to the consequences. And technical improvements, including greater integration between mail server, e-mail scanning and anti-virus software, are overcoming some of the cost and performance concerns.

But in the end, it is less technology than a strong policy on what can, and what cannot, be sent by e-mail that will have the greatest impact on the problem. Many industry observers hold the view that the biggest challenge today to the widespread adoption of technology is the lack of organisational focus on managing e-mail content. However, this is steadily improving, and e-mail filtering has moved on to become a valuable tool rather than just a way of ensuring that e-mails carried a legal disclaimer and could be virus checked.

 
