Email sent can be traced at the receiving end. If it hits the internet then it can be traced.
So you send an email from domain A to domain A. It stays encrypted. If you send it from domain A to domain B it is decrypted and it can be snooped.
I presume that this is the case with Proton. Once it is stored on the email database server and never leaves the server, never traverses the internet, it is secure.
For example, Proton client A sends an email to Proton client B, the front end is encrypted and it is sent to the back end server (IMAP?), the email is “emailed” on the and via the “local server” and re-encrypted for the outbound trip.
The point being that the email never traverses the internet unencrypted.
Of course, what happens on the client is up to the client software and apps. Someone could hack into the smart phone or PC and read the emails.