Heh. A classic.
This is the reason why many "delete" functions won't actually delete data but only flag the record/email/whatever as deleted. Of course, this functionality is usually known only to certain parts of IT. Same with corporate shredders; some will not actually shred stuff but send it to a "secure" container which is checked before the documents are actually shredded.
On the other hand: some companies have recently started to implement supposed "retention periods" after which all email gets auto-deleted. It's supposedly to avoid sensitive information leaks, but some suspect that the real reason is that having such a policy means that you won't be able to provide evidence that no longer exists.