@Willott - I would hope too that some sort of AV is deployed on the desktops to caputure the virus if it's opened and depending on the AV on the desktop and config, if AV is configured to stop mass mail on port 25. Also, depends on sites you are browsing and if the your web proxy content is good enough to pick mass mail viruses, again this comes down to your desktop AV to stop mass mail on 25.
Even if you were infected and the email would go to your external filtering/scanning, the impact this will have on your exchange server will have a serverr performance hit. In addition to the performance hit, your transactions logs will genertaed excessively which will bring down your Exchange stores.
As an example, I have seen customers who have had calendar appoinments in their mailbox which have had some vbs code in them, this message was never detected by AV/filtering and all of a sudden, when the message re-occuring appointment 'poped up' this caused to generate emails within the EDB itself, so you could not track the message via MT. This did not send emails to others but just generated 40 transaction logs per min for that mailbox. Which caused Exchange stores to dismount. When this user was sending genuine appointments to others users within the office, this issue multipled bringing dowm more exchange servers and storage groups.
Having AV scanning inside the mailstore/database found this. This is why I recommend at least weekly scans for your stores.
For the smoothie speculators, we do an SMTP/PoP proxy. You could probably reroute internal mails through it, though I don't recall anyone who is doing that. "Zap" is the name )which we are trying to retire as it is hardly descriptive) for a module which provides the two proxies. Mailshell provides anti-spam/phishing capability to this module, and VIPRE the anti-malware. There's no cyber-bullying rules... yet.