As an outsourced technical support provider for Shared Web Hosting Companies, we often encounter application errors and system faults. In the past couple of months, an error that’s often reported by cPanel/WHM users is:

Aug 17 00:25:24.450 [382682] warn: Use of uninitialized value in concatenation (.) or string at /usr/local/cpanel/3rdparty/perl/522/lib64/perl5/cpanel_lib/Mail/SpamAssassin/PerMsgStatus.pm line 3082.

This error is seen when a user enables Apache SpamAssassin in their cPanel account.

The error is displayed as:

Even though a final success message is displayed (as shown), account owners (especially resellers) often find this error unsettling, and opens trouble tickets.

What causes this error?

When our engineers encountered this error, it was tracked down to a bug in Apache’s SpamAssassin project, that’s used in cPanel/WHM v11.56 and above.

In SpamAssassin v3.4.1, a bug in a module called PerMsgStatus causes empty strings to be included as domain names. It results in the “Use of uninitialized value in concatenation” error.

As of this post (Aug 17th), this bug (Bug 7196) is still pending a resolution. Until this bug is resolved, cPanel is unlikely to release a patch for it.

Is this a serious error?

No. As explained in SpamAssassin bug tracker, this error does not break anything, but it sure looks scary for an average webmaster.

It is considered a low severity issue, and a quick patch is not expected from SpamAssassin.

What you can do about it

Even though it doesn’t break anything, it does make customers wary of using the Control Panel – After all, your customers think it’s YOUR control panel.

1. Enable SpamAssassin by default

This has two benefits:

• Reduce server spam – SpamAssassin is a mature project, and almost never marks valid mails as spam (in its default settings). So, your customers are protected from spam by default, without the risk of losing valid mails.
• No way to see the error – The error pops up only when SpamAssassin is enabled. So, if it’s turned on by default, there’s no way for customers to see the error.

You can enable SpamAssassin by default by going to

WHM Home >> Service Configuration >> Exim Configuration Manager >> Apache SpamAssassin™ >>  Forced Global ON

2. Deliver lightning fast support

Some shared hosts do not want to force SpamAssassin on their customers. So, it is possible that end customers can report this error at any point of the day.

Cryptic messages make web masters uneasy. So, it is important to explain in simple terms what the error is, and how that error does not affect their mail delivery. The explanation should answer all their questions, and should be timely.

The best way we’ve seen for this is to use 24/7 Live Chat and Help Desk support.

We help Shared Web Hosts deliver round the clock, instant tech support that’s completely integrated to their website.

When faced with an error like this, end-customers click on a Live Chat button or Email link on the Web Host’s site, and we answer the question as the host’s staff. Since we are online 24/7, these issues are often resolved within a few minutes.

What we recommend

We’d recommend you enable SpamAssassin by default.

In the Shared Hosting servers that we manage, we force enable SpamAssassin, and remove SpamAssassin option from the features list.

This ensures that the server is spam-free by default. However, it has a risk (albeit small) that there could be valid mails tagged as spam.

To counter this, we implement conservative spam settings, and audit spam logs to detect valid mails erroneously tagged as spam. We also encourage users to enable BoxTrapper to make sure they can retrieve any erroneously spam-tagged mails.

If you have any questions on enabling SpamAssassin by default, we’d be happy to talk to you.