Hello,
Let's say this way.. i'ts feasible: you could create a detection rule to capture all your traffic email; however also an incident will be created for each message exchanged and your servers would be highly impacted.
The best solution you have is to install a DLP Network Monitor Server type, which will read all smtp messages exchanged by day, month .. against the incidents.
Have a look at attached print.
Cheers,
Morgado