diff --git a/src/mod/endpoints/mod_sofia/mod_sofia.h b/src/mod/endpoints/mod_sofia/mod_sofia.h
index cf66a75bad..de44aac283 100644
--- a/src/mod/endpoints/mod_sofia/mod_sofia.h
+++ b/src/mod/endpoints/mod_sofia/mod_sofia.h
@@ -303,6 +303,7 @@ typedef enum {
 	PFLAG_MAKE_EVERY_TRANSFER_A_NIGHTMARE,
 	PFLAG_FIRE_TRANFER_EVENTS,
 	PFLAG_BLIND_AUTH_ENFORCE_RESULT,
+	PFLAG_BLIND_AUTH_REPLY_403,
 	PFLAG_PROXY_HOLD,
 	PFLAG_PROXY_INFO,
 	PFLAG_PROXY_MESSAGE,
diff --git a/src/mod/endpoints/mod_sofia/sofia.c b/src/mod/endpoints/mod_sofia/sofia.c
index 5bb05b194c..d1e32a096f 100644
--- a/src/mod/endpoints/mod_sofia/sofia.c
+++ b/src/mod/endpoints/mod_sofia/sofia.c
@@ -4591,6 +4591,7 @@ switch_status_t config_sofia(sofia_config_t reload, char *profile_name)
 					sofia_clear_pflag(profile, PFLAG_MAKE_EVERY_TRANSFER_A_NIGHTMARE);
 					sofia_clear_pflag(profile, PFLAG_FIRE_TRANFER_EVENTS);
 					sofia_clear_pflag(profile, PFLAG_BLIND_AUTH_ENFORCE_RESULT);
+					sofia_clear_pflag(profile, PFLAG_BLIND_AUTH_REPLY_403);
 					sofia_clear_pflag(profile, PFLAG_AUTH_REQUIRE_USER);
 					sofia_clear_pflag(profile, PFLAG_AUTH_CALLS_ACL_ONLY);
 					sofia_clear_pflag(profile, PFLAG_USE_PORT_FOR_ACL_CHECK);
@@ -5910,6 +5911,12 @@ switch_status_t config_sofia(sofia_config_t reload, char *profile_name)
 						}  else {
 							sofia_clear_pflag(profile, PFLAG_BLIND_AUTH_ENFORCE_RESULT);
 						}
+					} else if (!strcasecmp(var, "blind-auth-reply-403")) {
+						if(switch_true(val)) {
+							sofia_set_pflag(profile, PFLAG_BLIND_AUTH_REPLY_403);
+						}  else {
+							sofia_clear_pflag(profile, PFLAG_BLIND_AUTH_REPLY_403);
+						}
 					} else if (!strcasecmp(var, "auth-calls-acl-only")) {
 						if(switch_true(val)) {
 							sofia_set_pflag(profile, PFLAG_AUTH_CALLS_ACL_ONLY);
@@ -10398,8 +10405,8 @@ void sofia_handle_sip_i_invite(switch_core_session_t *session, nua_t *nua, sofia
 		}
 		if (!sofia_test_pflag(profile, PFLAG_BLIND_AUTH_ENFORCE_RESULT) || blind_result == SWITCH_STATUS_SUCCESS) {
 			is_auth++;
-		} else if (sofia_test_pflag(profile, PFLAG_BLIND_AUTH_ENFORCE_RESULT)) {
-			switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "blind auth enforce result enabled and couldn't find user %s, rejecting call\n", user);
+		} else if (sofia_test_pflag(profile, PFLAG_BLIND_AUTH_REPLY_403)) {
+			switch_log_printf(SWITCH_CHANNEL_LOG, SWITCH_LOG_DEBUG, "blind auth enforce 403 enabled and couldn't find user %s, rejecting call\n", user);
 			nua_respond(nh, SIP_403_FORBIDDEN, TAG_END());
 			goto fail;
 		}