Shared mailboxes exposing real email/inbox
I'm not sure if this should be posted in Proton Mail or Proton Pass as it involves both. When creating a shared mailbox in Proton Pass (one alias delivering to multiple email addresses), there is a leak that occurs when one of those users replies with that alias.
1. Alias receives email from third party and Proton Pass sends it to inbox 1 and inbox 2.
2. Inbox 1 replies to original sender. The message is sent as the alias to third party and inbox 2 as bcc.
3. Inbox 2 receives the email from #2 sent from the alias. The message will display a banner and in this banner, the real email inbox is exposed.

   > Email sent on behalf of alias xxxx@***.com using mailbox inbox 1

4. Inbox 2 also responds to email thread. Now the real email address for inbox 1 has been leaked in the quoted message body.
To be fair, there is a warning to remove that text. However, this should not be there in the first place. Less tech-savvy users will not see this message when they are typing a response because apps often hide the previous text in the email thread to make the experience look more clean.
I can think of two methods to prevent this; I think either is acceptable.
- Stop this banner message from #3 from being displayed at all.
- Give the ability in Proton Mail to not automatically quote previous messages by default when composing replies. This way the banner with the real inbox isn't quoted by default when replying.
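
The manual workaround the post mentions (removing the banner from the quoted text before replying) can be run as a pre-send check on the draft. This is an added example, not part of the original post and not Proton or SimpleLogin code; the banner wording is taken from the post, while the function names, the address formats and the sample draft are constructed assumptions.

```python
import re

# Banner wording as quoted in the post. Optional leading ">" markers cover the
# banner at any quote depth; what follows "using mailbox" is treated as the
# exposed mailbox (assumption: the banner occupies a single line).
BANNER_RE = re.compile(
    r"^(?:\s*>)*\s*Email sent on behalf of alias\s+\S+"
    r"\s+using mailbox\s+(?P<mailbox>.+?)\s*$",
    re.IGNORECASE,
)


def find_banner_leaks(body: str) -> list[tuple[int, str]]:
    """Return (line_number, mailbox) for each banner line in a reply draft."""
    leaks = []
    for number, line in enumerate(body.splitlines(), start=1):
        match = BANNER_RE.match(line)
        if match:
            leaks.append((number, match.group("mailbox")))
    return leaks


def scrub_reply(body: str) -> tuple[str, list[str]]:
    """Drop banner lines and redact the exposed mailbox wherever else it is quoted."""
    mailboxes = sorted({mailbox for _, mailbox in find_banner_leaks(body)})
    kept = [line for line in body.splitlines() if not BANNER_RE.match(line)]
    cleaned = "\n".join(kept)
    for mailbox in mailboxes:
        cleaned = re.sub(re.escape(mailbox), "[redacted]", cleaned, flags=re.IGNORECASE)
    return cleaned, mailboxes


# Constructed sample: inbox 2's reply draft with inbox 1's message auto-quoted.
SAMPLE_DRAFT = """\
Thanks, I'll follow up on Monday.

On Tue, shared@alias.example wrote:
> Email sent on behalf of alias shared@alias.example using mailbox inbox1@real.example
> We can offer the earlier delivery slot.
>> On Mon, vendor@thirdparty.example wrote:
>> Is the earlier slot still available?
"""

if __name__ == "__main__":
    cleaned, exposed = scrub_reply(SAMPLE_DRAFT)
    print("exposed mailboxes:", exposed)
    print(cleaned)
```
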
