diff --git a/doc/Changelog b/doc/Changelog
index ce796372c..c051a49ae 100644
--- a/doc/Changelog
+++ b/doc/Changelog
@@ -1,3 +1,7 @@
+22 February 2021: Wouter
+	- Fix #431: Squelch permission denied errors for tcp connect
+	  and udp connect from the logs, unless at high verbosity.
+
 18 February 2021: Wouter
 	- Merge PR #317: ZONEMD Zone Verification, with RFC 8976 support.
 	  ZONEMD records are checked for zones loaded as auth-zone,
diff --git a/services/outside_network.c b/services/outside_network.c
index 6c6b42ccb..3687b5fea 100644
--- a/services/outside_network.c
+++ b/services/outside_network.c
@@ -1779,6 +1779,7 @@ static int udp_connect_needs_log(int err)
 #  ifdef ENETDOWN
 	case ENETDOWN:
 #  endif
+	case EPERM:
 		if(verbosity >= VERB_ALGO)
 			return 1;
 		return 0;
diff --git a/util/netevent.c b/util/netevent.c
index 5a71a82e4..d55458d6d 100644
--- a/util/netevent.c
+++ b/util/netevent.c
@@ -302,7 +302,7 @@ udp_send_errno_needs_log(struct sockaddr* addr, socklen_t addrlen)
 		/* 'Cannot assign requested address' also when disconnected */
 		|| (errno == EADDRNOTAVAIL)
 #  endif
-		) && verbosity < VERB_DETAIL)
+		) && verbosity < VERB_ALGO)
 		return 0;
 #  ifdef EADDRINUSE
 	/* If SO_REUSEADDR is set, we could try to connect to the same server