diff --git a/src/sbbs3/ftpsrvr.c b/src/sbbs3/ftpsrvr.c
index 4c5378a207ad496f52d0b06a39250fa181ac0171..ad38d53a51357dc9253163e38c4e82f634f86cf2 100644
--- a/src/sbbs3/ftpsrvr.c
+++ b/src/sbbs3/ftpsrvr.c
@@ -1151,6 +1151,7 @@ static BOOL start_tls(SOCKET *sock, CRYPT_SESSION *sess, BOOL resp)
 	char *estr = NULL;
 
 	if (!ssl_sync(&scfg, lprintf)) {
+		lprintf(LOG_CRIT, "!ssl_sync() failure trying to enable TLS support");
 		if (resp)
 			sockprintf(*sock, *sess, "431 TLS not available");
 		return FALSE;
diff --git a/src/sbbs3/mailsrvr.c b/src/sbbs3/mailsrvr.c
index 05cb138b4b963ea44d48ab8b7424984508c390ad..9cd8c1768c28f09b5ff77e2167e37294cd751e21 100644
--- a/src/sbbs3/mailsrvr.c
+++ b/src/sbbs3/mailsrvr.c
@@ -6180,7 +6180,11 @@ void mail_server(void* arg)
 		lprintf(LOG_DEBUG,"Maximum inactivity: %u seconds",startup->max_inactivity);
 
 		update_clients();
-		ssl_sync(&scfg, lprintf);
+		if(!ssl_sync(&scfg, lprintf)) {
+			lprintf(LOG_CRIT, "!ssl_sync() failure trying to enable TLS support");
+			cleanup(1);
+			return;
+		}
 
 		/* open a socket and wait for a client */
 		mail_set = xpms_create(startup->bind_retry_count, startup->bind_retry_delay, lprintf);
diff --git a/src/sbbs3/sbbsecho.c b/src/sbbs3/sbbsecho.c
index 47f284bb37311a2547f3fa8e627fde835ee96b41..e3f5e0f201438f0f3adee8a50bfd073d8ded43f3 100644
--- a/src/sbbs3/sbbsecho.c
+++ b/src/sbbs3/sbbsecho.c
@@ -4972,12 +4972,13 @@ void export_echomail(const char* sub_code, const nodecfg_t* nodecfg, bool rescan
 						break;
 					continue;
 				}
-
-				if(msg.from_net.type != NET_FIDO) {	/* Don't convert tear-lines or origin-lines for FTN-originated messages */
-					/* Need to support converting sole-LFs to Hard-CR and soft-CR (0x8D) as well */
-					if(cfg.strip_lf && buf[l]=='\n')	/* Ignore line feeds */
+				if(buf[l] == '\n') {
+					if(l == 0 || !cr) // Sole LF?
+						fmsgbuf[f++] = '\r';
+					if(cfg.strip_lf)	// Strip line feeds
 						continue;
-
+				}
+				if(msg.from_net.type != NET_FIDO) {	/* Don't convert tear-lines or origin-lines for FTN-originated messages */
 					if(cr) {
 						char *tp = (char*)buf+l;
 						/* Bugfixed: handle tear line detection/conversion and origin line detection/conversion even when line-feeds exist and aren't stripped */
@@ -4994,18 +4995,17 @@ void export_echomail(const char* sub_code, const nodecfg_t* nodecfg, bool rescan
 						else if(!(scfg.sub[subnum]->misc&SUB_NOTAG) && !strncmp(tp," * Origin: ",11))
 							*(tp+1)='#';
 					} /* Convert * Origin into # Origin */
-
-					if(buf[l]=='\r')
-						cr=1;
-					else
-						cr=0;
-					if((scfg.sub[subnum]->misc&SUB_ASCII)) {
-						if(buf[l]<' ' && buf[l]>=0 && buf[l]!='\r'
-							&& buf[l]!='\n')			/* Ctrl ascii */
-							buf[l]='.';             /* converted to '.' */
-						if((uchar)buf[l]&0x80)		/* extended ASCII */
-							buf[l]=exascii_to_ascii_char(buf[l]);
-					}
+				}
+				if(buf[l]=='\r')
+					cr=1;
+				else
+					cr=0;
+				if((scfg.sub[subnum]->misc&SUB_ASCII)) {
+					if(buf[l]<' ' && buf[l]>=0 && buf[l]!='\r'
+						&& buf[l]!='\n')			/* Ctrl ascii */
+						buf[l]='.';             /* converted to '.' */
+					if((uchar)buf[l]&0x80)		/* extended ASCII */
+						buf[l]=exascii_to_ascii_char(buf[l]);
 				}
 				fmsgbuf[f++]=buf[l];
 			}
diff --git a/src/sbbs3/scfg/scfgnode.c b/src/sbbs3/scfg/scfgnode.c
index 3d7ca3167f7406caf524c9140bc647c45095ef72..6da8f86f6e0def5b5e45c1e490106c999e9ea267 100644
--- a/src/sbbs3/scfg/scfgnode.c
+++ b/src/sbbs3/scfg/scfgnode.c
@@ -182,10 +182,7 @@ void node_menu()
 		prep_dir(cfg.ctrl_dir, cfg.node_dir, sizeof(cfg.node_dir));
 
 		load_node_cfg(&cfg,error, sizeof(error));
-		if (cfg.node_num != i + 1) { 	/* Node number isn't right? */
-			cfg.node_num = i + 1;		/* so fix it */
-			save_node_cfg(&cfg); /* and write it back */
-		}
+		cfg.node_num = i + 1;
 		node_cfg();
 
 		free_node_cfg(&cfg);
diff --git a/src/sbbs3/services.c b/src/sbbs3/services.c
index c23d18b0dbb4750b8d3337811ba3ec8e58648b42..c0772a9e6675d29a7ad6c7d7d2f5d3e6c0612a89 100644
--- a/src/sbbs3/services.c
+++ b/src/sbbs3/services.c
@@ -1104,7 +1104,9 @@ static void js_service_thread(void* arg)
 			}
 		}
 #endif
-		if (ssl_sync(&scfg, lprintf)) {
+		if (!ssl_sync(&scfg, lprintf)) {
+			lprintf(LOG_CRIT, "!ssl_sync() failure trying to enable TLS support");
+		} else {
 			HANDLE_CRYPT_CALL(add_private_key(&scfg, lprintf, service_client.tls_sess), &service_client, "setting private key");
 		}
 		BOOL nodelay=TRUE;
@@ -2001,7 +2003,8 @@ void services_thread(void* arg)
 					lprintf(LOG_ERR, "Option error, TLS not yet supported for static services (%s)", service[i].protocol);
 					continue;
 				}
-				ssl_sync(&scfg, lprintf);
+				if(!ssl_sync(&scfg, lprintf))
+					lprintf(LOG_CRIT, "!ssl_sync() failure trying to enable TLS support");
 			}
 			service[i].set=xpms_create(startup->bind_retry_count, startup->bind_retry_delay, lprintf);
 			if(service[i].set == NULL) {
diff --git a/src/sbbs3/websrvr.c b/src/sbbs3/websrvr.c
index c3b9b5ce1694631fa387a8cde7f26a3589b43ed4..1d78cfaaa5d64caa389914e000fb63ddc3916a33 100644
--- a/src/sbbs3/websrvr.c
+++ b/src/sbbs3/websrvr.c
@@ -7243,7 +7243,9 @@ void web_server(void* arg)
 		 */
 		xpms_add_list(ws_set, PF_UNSPEC, SOCK_STREAM, 0, startup->interfaces, startup->port, "Web Server", open_socket, startup->seteuid, NULL);
 		if (startup->options & WEB_OPT_ALLOW_TLS) {
-			if(ssl_sync(&scfg, lprintf))
+			if(!ssl_sync(&scfg, lprintf))
+				lprintf(LOG_CRIT, "!ssl_sync() failure trying to enable TLS support");
+			else
 				xpms_add_list(ws_set, PF_UNSPEC, SOCK_STREAM, 0, startup->tls_interfaces, startup->tls_port, "Secure Web Server", open_socket, startup->seteuid, "TLS");
 		}