If you look at the document properties of a message, you can change who can read this diocument based on username, groupname or role. You can also set encryption. I would not recommend to let users do this by hand but that a mechanism be built to use this functionality. Note that adding reader fields to a database accessed by many can impact performance. Encryption adds the burden of managing keys.
Since some development is already suggested, I woul like to point to the possibility to let an item in the mailbox navigation to point to another database/file, with it's own ACL. I think this makes management easier.
So: evaluate your needs and development effort, and take your pick.