Again, worked there, not how it works. As I said it doesnt matter if its "signed" and "encrypted".. **all** external emails need admin approval, there is no signing and encrypting to bypass this.
Who specifically controls the list is ultimately determined by the head of the department, as are the specific procedures for determining what is passed on or not. Typically it's someone close to the leadership like a secretary who approves those requests on company wide lists.
Doc Freemo 
