David Dejewski

Perspective from a former Defense Department CIO: monitoring of all traffic coming into and out of DoD facilities has been going on for more than a decade. If you do it – no matter what “it” is – on a government network, it’s fair game. There’s a banner posted to that effect on the computer screen of very DoD employee when they log in. All empoloyees consent to monitoring. Few facilities have the manpower to watch everything real time, but Internet activity does get filtered and recorded for up to a year in some cases (maybe more in some special areas).
If you give the command some reason to suspect an issue (eg set off an alarm on the intrusion detection system by sending/receiving a classified code word or visiting a child pornography site), security folks will likely be going through all traffic generated by you for months. Intrusion detection systems don’t distinguish between what traffic is official and what is personal. They just watch all traffic as it flows in and out of the network.
Like it or not, that’s reality. My advice is if you want to send/recieve personal email, do it from home or start with the assumption that it is being monitored and recorded.