Emails are inherently insecure - they are transmitted and stored as plain text. The only way I know of is for your users to use encryption for sending/receiving (PGP or similar), in that way only they will have their private key to decrypt.

As root, I can't think of a way of not having read/write access to the mail.

How can I allow users to encrypt/decrypt email (rather, where can I read up about it?) Google brings up huge number of strange geeky articles. Thanks

I think you've already got your answer, you just don't like it. Encrypting requires work on the part of your users, and work on your part to figure out how to tell them how to do it.

Cut to the chase and forget the idea. You're root, you have access. So does their ISP, and the ISP of whoever sends it. Along with the company that handles your server location. And so on.

If they are 'users' and don't want email read, don't send it. If they don't want it read by 'you' then either trust you or don't send it through your systems.

I've never had this asked by my users. If they did, I'd blow them off - I don't read your emails and that's the end of the story. Take it or leave it. And you shouldn't be trying to build this up in their minds either. Tell them you don't read the emails and be done with it. If they complain, tell them that's all you're going to do about it.