diff --git a/src/api/ruma_wrapper/axum.rs b/src/api/ruma_wrapper/axum.rs
index 451b6fda..14655976 100644
--- a/src/api/ruma_wrapper/axum.rs
+++ b/src/api/ruma_wrapper/axum.rs
@@ -196,6 +196,19 @@ async fn ar_from_request_inner(
 Error::BadRequest(ErrorKind::forbidden(), msg)
 })?;

+ if let Some(destination) = x_matrix.destination {
+ if destination != services().globals.server_name() {
+ warn!(
+ %destination,
+ "Incorrect destination in X-Matrix header"
+ );
+ return Err(Error::BadRequest(
+ ErrorKind::Unauthorized,
+ "Incorrect destination in X-Matrix header",
+ ));
+ }
+ }
+
 let origin_signatures = BTreeMap::from_iter([(
 x_matrix.key.to_string(),
 CanonicalJsonValue::String(x_matrix.sig),
diff --git a/src/api/server_server.rs b/src/api/server_server.rs
index b936b1e7..38e37304 100644
--- a/src/api/server_server.rs
+++ b/src/api/server_server.rs
@@ -242,7 +242,7 @@ where

 http_request.headers_mut().typed_insert(Authorization(XMatrix::new(
 services().globals.server_name().to_owned(),
- None,
+ Some(destination.to_owned()),
 key_id,
 signature,
 )));
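Review bot: A request whose X-Matrix header carries no `destination` skips this check entirely, and nothing in the added block says that is intentional. If the fall-through exists for compatibility with peers that do not send the field, say so above the `if let`, e.g. `// destination is optional for older peers; when present it must name this server`. The `warn!` also fires before `origin_signatures` is built, so it is presumably reachable before the signature is verified: any unauthenticated caller can produce warn-level lines containing a header-supplied value, and `debug!` (or logging after verification) would keep that out of default logs. ar_from_request_inner starts and ends outside the hunk.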
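Review bot: Nothing at the `XMatrix::new` call says which name `destination` is, and a receiver that enforces the header field will answer 401 if it is anything other than its own server name. `destination` is defined outside the hunk; if the function also holds a resolved or delegated host for the connection, a comment such as `// logical server name, matching the destination in the signed request, not the resolved host` would guard against a later mix-up. It is also worth confirming that the same value goes into the signed request object, since the signing code is not visible here.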