@evan you can't? I thought that was explicitly how shared inboxes worked.
In your example my understanding is domain2 would receive a single activity, and parcel out the activity to the other users internally as appropriate. How that's actually handled by domain2 is out of scope of the spec.
A potential complication could arise if you're saving a serialzied representation of that object for validation, in which case it wouldn't pass as you have to remove bcc from the object...