lostdreamer - 10:57 am on Jul 29, 2010 (gmt 0)

other possibility:
put a js file in your robots.txt as Disallowed
in that js file have a cookie written.

Check for that cookie before transfering to the non-legit site.

Or what I also do sometimes:

Just create an empty link (#) and give it some ID.
Then use a disallowed jquery js to rewrite that link to the one you want your users to be able to click.

Only with js enabled, AND access to a disallowed js file you will be able to click the link.