Given any url, for example, http://hostname.example.com/foo/bar/baz.html

take hostname.example.com, and append .multi.surbl.org to it. Then do a DNS lookup on it, i.e. “hostname.example.com.multi.surbl.org”. if the query comes back with an ip address, (it will be 127.0.0.XX, where XX will change according to the blacklists that list that hostname) then it is spam. Remove elements from the hostname until you’re left with nothing but the root (.com, .cx, .com.au, etc, there’s a list of them on surbl.org for you convenience).

As for how to make apache drop HTTP connections based on the referrer, I don’t know how to do that, but it would be a fun mod_anti_spam. ;)

Heck, you could probably use the same technique to stop comment spam, if you inspect the HTTP GET/POST data as well as the Referrer: header…