He copied the code from BambuStudio into an Orca fork to make it connect to Bambu's cloud. That is A) deliberate and B) easily meets the definition of spoofing.

It is embarrassing that copying that one little thing made a third party fork able to connect to their cloud because A) that would be embarrassing for smaller IoT devices and we're talking about thousand-dollar printers and B) it's highly regarded to be saying on the one hand that your cloud needs security while on the other hand a simple copy/paste of a single function bypassed the security of said cloud that needs protecting.

I agree he would win in court. I don't think they ever planned to even file a complaint. I disagree that it is against the spirit of the AGPL. Signal does the same thing (here's our source code but only our official app can officially connect to our servers and we can ban your app at any time) as far as I can tell and no one complains about them and their shit is AGPL 3.0 only.

As I already said, I don't think they would have any beef with him if he removed that single function - the one that enables use of their cloud infrastructure. The exact problem they have with him, is his distribution of that. I agree that he can distribute it, and they would lose any lawsuit about that. I also agree that its on them to fix it. But returning to the original point, by making source code that can be so easily copied available for download, they have not violated the AGPL. They are not saying he can't distribute his own Orca fork or even his own BambuStudio fork. They're saying "Stop making it connect to our servers" which again I agree is actually their problem. The C&D is just a lazy stopgap.