I agree with starbucks_mafia.
I've studied MD5 and other message digest algorithms extensively, and the main problems they all face are:
1. by nature, collisions. These can only be solved by prefixing known collisions as they are found, and that's a damned good solution.
2. by nature, distribution. These can't be solved, even if you introduce a salt string. The more machines you have working on a hash, the faster it can be cracked. The more hashes you have of a single password (with salt strings), the faster it can be cracked.
There is no perfect message digest algorithm, they're all flawed in the same ways. The difference is the amount of time it takes to generate a hash may be larger for one algorithm than another. In general, when you're talking about an exhaustive bruteforce against a digest that uses a particular algorithm, if you have a large distribution then it won't take long to find a collision even if the plaintext is above 64 bytes in length. Your most secure option is to use a salt string that is >= 64 bytes. If that's not secure enough, use another salt string that is >= 64 bytes and MD5 it twice.
If your algorithm relies on MD6, use some MD6 source code to compile your own DLL and paste the source here, Khaled might be more than happy to implement $md6 if he has something easy to go on.