Ticket #167 (new defect)

Opened 1 year ago

Last modified 10 months ago

Payload encoders fall-through behavior unexpected.

Reported by: druid@caughq.org Assigned to: hdm
Priority: minor Milestone: Metasploit 3.2
Component: framework3 Version:
Keywords: encoder Cc:

Description

When a payload encoder is enabled and a specific encoder is specified as the desired encoder for the payload, if that encoder fails to encode the payload, Metasploit silently attempts other encoders until one of them succeeds. The only way to know that this is happening is to watch the log output for encoder failures. If a specific encoder is specified, it seems more reasonable to attempt only the specified encoder and bail out of the exploit attempt if the desired encoder fails. The fall-through behavior is useful; however, I don't believe it should be the default. I would suggest semantics such as those described in the following use cases:

1: set ENCODER my_encoder == only my_encoder is attempted, if it fails, the exploit fails.

2: set ENCODER pref(erred) == the preferred encoder list is traversed, attempting all preferred encoders until one succeeds. This is currently the default behavior.

3: set ENCODER any == any and all encoders are attempted until one succeeds

This is directly related to my recent modifications of encoders to optionally support the use of context keys. If a user selects an encoder and indicates that they want to use context keying, encoders which do not support context keys should not be attempted. Currently, it is desired that this be achievable by explicitly defining the encoder to use, a la use case #1 above. In use cases #2 and #3, it would be expected that if an encoder is attempted that does not support context keys, context keying is ignored for that encoder (current behavior).
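Added example, not part of the ticket and not Metasploit framework code: a small Ruby model of the three ENCODER settings proposed above (an explicit encoder name, pref, any), showing where each one stops and what the exploit gets back. ToyEncoder, EncodeFailed, select_encoder, Result and the encoder names x86/xor_a, x86/xor_b and x86/xor_c are all assumptions made for the illustration; the payloads and badchar sets are constructed.

```ruby
# Illustration of the ticket's proposed ENCODER semantics (example code,
# not framework code; every class and name here is an assumption).

# Raised by an encoder that cannot produce an acceptable output buffer.
class EncodeFailed < StandardError; end

# A toy single-byte XOR encoder: it fails if any byte of its output is one of
# the badchars the exploit forbids. `context_keyed` records whether the
# encoder would honour a context-key request.
class ToyEncoder
  attr_reader :name, :context_keyed

  def initialize(name, key:, badchars:, context_keyed: false)
    @name = name
    @key = key
    @badchars = badchars.bytes
    @context_keyed = context_keyed
  end

  def encode(payload)
    out = payload.bytes.map { |b| b ^ @key }
    bad = out & @badchars
    unless bad.empty?
      raise EncodeFailed, format('%s: badchar 0x%02x in output', name, bad.first)
    end
    out.pack('C*')
  end
end

# What the exploit gets back: which encoder won, the buffer, whether context
# keying was actually applied, and every failure seen on the way (so the user
# does not have to watch the log to learn that fall-through happened).
Result = Struct.new(:encoder, :buffer, :context_keyed, :failures)

# spec is an encoder name (use case 1), 'pref' (use case 2) or 'any' (use case 3).
# preferred is the ordered preferred-encoder list; context_key is true when
# the user asked for context keying.
def select_encoder(spec, payload, encoders, preferred:, context_key: false)
  explicit = !%w[pref any].include?(spec)
  candidates =
    case spec
    when 'any'  then encoders
    when 'pref' then preferred
    else
      enc = encoders.find { |e| e.name == spec }
      raise ArgumentError, "unknown encoder #{spec}" unless enc
      [enc]
    end

  # Use case 1 with context keying: the chosen encoder must support it; do not
  # quietly emit an unkeyed encoding instead.
  if explicit && context_key && !candidates.first.context_keyed
    raise EncodeFailed, "#{spec} does not support context keys"
  end

  failures = []
  candidates.each do |enc|
    begin
      buf = enc.encode(payload)
      # In pref/any mode an encoder without context-key support is still
      # used; keying is simply ignored for it (the current behaviour).
      return Result.new(enc.name, buf, context_key && enc.context_keyed, failures)
    rescue EncodeFailed => e
      failures << e.message
    end
  end
  # No fall-through past the candidate list: the exploit attempt fails loudly.
  raise EncodeFailed, "no encoder succeeded: #{failures.join('; ')}"
end

# Constructed sample encoder set. xor_a and xor_c both break on the payload
# "AB" (each produces a 0x00 byte); only xor_b can encode it.
ENCODERS = [
  ToyEncoder.new('x86/xor_a', key: 0x41, badchars: "\x00"),
  ToyEncoder.new('x86/xor_c', key: 0x42, badchars: "\x00"),
  ToyEncoder.new('x86/xor_b', key: 0x23, badchars: "\x00\x0a", context_keyed: true)
].freeze
PREFERRED = ENCODERS.first(2).freeze

if $PROGRAM_NAME == __FILE__
  [['x86/xor_a', 'AB'], ['pref', 'AB'], ['any', 'AB'], ['pref', "\x10\x20"]].each do |spec, payload|
    begin
      r = select_encoder(spec, payload, ENCODERS, preferred: PREFERRED)
      puts "#{spec}: ok via #{r.encoder} after #{r.failures.size} failure(s)"
    rescue EncodeFailed => e
      puts "#{spec}: exploit aborted: #{e.message}"
    end
  end
end
```

With the constructed set, an explicit `x86/xor_a` on "AB" aborts the attempt instead of quietly moving on, `pref` on "AB" also aborts because both preferred encoders fail, and only `any` reaches `x86/xor_b`; the failures that led there are returned with the result rather than left in the log.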

Change History

12/27/07 11:37:55 changed by hdm

  • milestone set to Metasploit 3.2 Release.

This is expected behavior (since 2.7 did this as well). We should change and document this better for 3.2.