I always test DNS before every session, it always comes back as not leaking, but my ISP has let me know three times that it has leaked. On both Linux and Windows clients.
The clients on both Windows and Linux are all set at their defaults, except on the Linux I did enable the Threat Manager.
ExpressVPN lost me, too much money for sketchy protection that may or may not work.
hello !!
Kill switch is enabled yes ?
be aware of some express vpn protocols they are just less sure and some was leaked by NSA 
i suggest you to keep protocol on auto and enable block the connection if disconect… not keep on your modem-router upnp turned on and when using the vpn services not foward any ports on your router add-insert the google dns on your modem-router.
I have express installed on my router and certain settings will cause a leak.
I had to tinker around and with help from others find a setting that would not leak
Could you share the settings you have ended up using?
First what brand of router you’re using for me it’s Asus running Meriln firmware open vpn. My settings are for merlin