It shouldn't even be an option for the vast majority of employees. Rather than their email being a binary permission (you either can or cannot send to members of the domain), it should have more access levels, including a higher access level "can send to MANY members of the domain" that would not be granted to most employees. Most employees would be in the middle tier, which would allow emails sent only up to some number of manageable recipients. And of course the big distribution lists that go to large numbers of employees should be configured so that only a small number of accounts can post to them.