It's almost impossible to detect, track, and eliminate encrypted messages without imposing serious restrictions on your users. Comprehensive prevention requires intrusive methods such as these:
Capturing information about email habits and contents
Tracking overall Internet usage patterns related to sites and content
Examining for unusual activity on servers/workstations
Requiring key escrow on approved encryption products
If these actions seem too draconian, here are some things your organization can do:
Scan for unauthorized software use. Use tools to control user-level access and prevent software from being installed without administrator permission.
Allow no unauthorized HTTP/FTP servers on corporate networks.
Look for cracked systems offering hidden upload/download areas.
If possible, limit the amount of data such as MP3s, GIFs, JPGs, and so on allowed into or out of your networks via email. Email is the one tool that can easily pass through firewalls. All data coming in and leaving should be checked to make sure that it's safe before being passed on to the user.
Unless required for office usage, restrict access to Usenet and similar archives that could contain these kinds of files or be used in this manner.