There is a role, DatabaseMailUser, in msdb that you can put users in.
I'm a fan of option 1 in your case, even though Database Mail is asynchronous, I just don't like sending mail from a trigger, you could do it.
I'm doing some research on issues like this using signed modules. I'll have to see if it will work here.
Jack Corbett
Consultant - Straight Path Solutions
Check out these links on how to get faster and more accurate answers:
Forum Etiquette: How to post data/code on a forum to get the best help
Need an Answer? Actually, No ... You Need a Question