SecFilterSelective THE_REQUEST "bcc:|Bcc:|BCc:|BCC:|bCc:|bCC:|bcC:|BcC:"
What that will do is search first for the bcc, Bcc, etc then look for com, org, or net in a url. I was trying to filter it looking for an @ symbol but I was having trouble with apache picking it up. I figure if they are not spamming to one of those TDLs it is probably not a very big attack. If you want to protect more simply add to the list, remember all it has to do is catch one and it blocks the entire request.