As a side-note...<a href="http://bad-site.xx/" onmouseover="javascript:window.status='http://nice-site.xx';">blah</a> If you point your mouse over that link, you'll see "http://nice-site.xx" in the status bar, but clicking will lead you to http://bad-site.xx/. This is already widely used in spoof e-mails.
[.xx is a ccTLD which, per RFC and ISO standard, will *never* be used, so my example domains will never exist. Just a precaution.]
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html