diff --git a/r2/r2/controllers/api.py b/r2/r2/controllers/api.py
index b42c34c12..238f95731 100644
--- a/r2/r2/controllers/api.py
+++ b/r2/r2/controllers/api.py
@@ -857,6 +857,10 @@ class ApiController(RedditController):
                 required_perms.append('wiki')
             else:
                 required_perms.append('access')
+                # ability to unmute requires access and mail permissions
+                if type == 'muted':
+                    required_perms.append('mail')
+
         if (not c.user_is_admin
             and (type in self._sr_friend_types
                  and not container.is_moderator_with_perms(
diff --git a/r2/r2/controllers/listingcontroller.py b/r2/r2/controllers/listingcontroller.py
index a98cd80d0..95ae73ec5 100644
--- a/r2/r2/controllers/listingcontroller.py
+++ b/r2/r2/controllers/listingcontroller.py
@@ -1741,7 +1741,8 @@ class UserListListingController(ListingController):
             self.listing_cls = BannedListing
 
         elif where == 'muted':
-            if not has_mod_access:
+            if not (has_mod_access and
+                    c.site.is_moderator_with_perms(c.user, 'mail')):
                 abort(403)
             self.listing_cls = MutedListing