diff --git a/src/main-sec-mod-cmd.c b/src/main-sec-mod-cmd.c
index 412686b8..cc92c8eb 100644
--- a/src/main-sec-mod-cmd.c
+++ b/src/main-sec-mod-cmd.c
@@ -126,8 +126,9 @@ int handle_sec_mod_commands(main_server_st * s)
 				reply.reply =
 				    AUTH__REP__FAILED;
 			} else {
-				reply.reply =
-				    AUTH__REP__OK;
+				/* no need to send a reply at all */
+				ret = 0;
+				goto cleanup;
 			}
 
 			reply.sid.data = tmsg->sid.data;
diff --git a/src/sec-mod-auth.c b/src/sec-mod-auth.c
index 2a9cf9c9..0a53bcc4 100644
--- a/src/sec-mod-auth.c
+++ b/src/sec-mod-auth.c
@@ -321,6 +321,9 @@ int handle_sec_auth_res(int cfd, sec_mod_st * sec, client_entry_st * e, int resu
 		}
 		return 0;	/* wait for another command */
 	} else if (result == 0 && e->status != PS_AUTH_FAILED) {
+		/* we check status for PS_AUTH_FAILED, because status may
+		 * change async if we receive a message from main that the
+		 * user is banned */
 		e->status = PS_AUTH_COMPLETED;
 
 		if (e->module) {