diff --git a/config/locales/server.en.yml b/config/locales/server.en.yml
index e1b45e517ca..89214a89674 100644
--- a/config/locales/server.en.yml
+++ b/config/locales/server.en.yml
@@ -1291,6 +1291,8 @@ en:
 
     min_trust_to_send_email_messages: "The minimum trust level required to send new personal messages via email (to staged users)."
 
+    min_trust_to_flag_posts: "The minimum trust level required to flag posts"
+
     newuser_max_links: "How many links a new user can add to a post."
     newuser_max_images: "How many images a new user can add to a post."
     newuser_max_attachments: "How many attachments a new user can add to a post."
diff --git a/config/site_settings.yml b/config/site_settings.yml
index e8d9d14277f..d283e027c25 100644
--- a/config/site_settings.yml
+++ b/config/site_settings.yml
@@ -894,6 +894,9 @@ trust:
   min_trust_to_send_email_messages:
     default: 4
     enum: 'TrustLevelSetting'
+  min_trust_to_flag_posts:
+    default: 1
+    enum: 'TrustLevelSetting'
   tl1_requires_topics_entered: 5
   tl1_requires_read_posts:
     default: 30
diff --git a/lib/guardian/post_guardian.rb b/lib/guardian/post_guardian.rb
index e5e4e010f85..6986d1099ec 100644
--- a/lib/guardian/post_guardian.rb
+++ b/lib/guardian/post_guardian.rb
@@ -21,7 +21,7 @@ module PostGuardian
 
       # we allow flagging for trust level 1 and higher
       # always allowed for private messages
-      (is_flag && not(already_did_flagging) && (@user.has_trust_level?(TrustLevel[1]) || post.topic.private_message?)) ||
+      (is_flag && not(already_did_flagging) && (@user.has_trust_level?(TrustLevel[SiteSetting.min_trust_to_flag_posts]) || post.topic.private_message?)) ||
 
       # not a flagging action, and haven't done it already
       not(is_flag || already_taken_this_action) &&
diff --git a/spec/components/guardian_spec.rb b/spec/components/guardian_spec.rb
index 0aa745ed9e7..5ec7904b355 100644
--- a/spec/components/guardian_spec.rb
+++ b/spec/components/guardian_spec.rb
@@ -90,11 +90,17 @@ describe Guardian do
         expect(Guardian.new(user).post_can_act?(post, :like)).to be_truthy
       end
 
-      it "returns false for a new user flagging a standard post as spam" do
+      it "returns false for a new user flagging as spam" do
         user.trust_level = TrustLevel[0]
         expect(Guardian.new(user).post_can_act?(post, :spam)).to be_falsey
       end
 
+      it "returns true for a new user flagging as spam if enabled" do
+        SiteSetting.min_trust_to_flag_posts = 0
+        user.trust_level = TrustLevel[0]
+        expect(Guardian.new(user).post_can_act?(post, :spam)).to be_truthy
+      end
+
       it "returns true for a new user flagging a private message as spam" do
         post = Fabricate(:private_message_post, user: Fabricate(:admin))
         user.trust_level = TrustLevel[0]