How to copy outgoing messages on sendmail
Solution 1:
The short answer is "you can't".
The longer answer, from the sendmail FAQ, is
How can I automatically copy messages based on sender or recipient addresses?
It would require custom programming [...] Note that no such feature has been added to sendmail. When asked about this one of the sendmail developers said it was "because we still believe a bit in privacy."
Basically, the person who's asking you to do this is foolish to believe that it can be done. Sure, you could use a different MTA, maybe something written by people who don't care about privacy. But unless he proxies and screens all outbound HTTP and blocks all other outbound TCP including HTTPS, and all outbound UDP full-stop, he hasn't a hope of preventing a determined employee from emailing something, somehow.
Moreover, although we can't do legal advice here, you may find that computer privacy legislation in your jurisdiction forbids or tightly regulates email interception, and it is possible that you could find yourself liable for what you implement.
30,000-foot view: this is a social problem. Don't look for a technical solution. That never works.
Solution 2:
sendmail : How to copy outgoing messages using milter
Consider using an archiving milter:
https://www.milter.org/milters/archiving/alphabetical/1
In standard non set root uid installations milter can process/archive all messages passing via sendmail server.
P.S. I do consider reading employees emails by the employer WITHOUT PRIOR WRITTEN WARNING as unacceptable.