So before jumping into what those files do, if you want to disable rules for a domain none of those files will do that for you. Disabling rules by domain needs to be done this way:https://www.atomicorp.com/wiki/index.ph ... gle_domain
But please keep reporting any false positives you have - even if you disable a rule, we really appreciate the feedback and it will only help to make the rules better and less likely for a false positive in the future (and thank you for your reports so far!)
As to what those files do:
The trusted domains file ( trusted-domains.conf) is only used by a few rules (injection and spam), it basically says that if a rule find a specific domain in the *content*, not the headers (so its not trusting the domain) then that event is not considered. That file is not used by any rule anymore, we have better logic to figure that out automatically now.
That file is also disabled in all the rules as its just not really necessary. Adding a domain to that file will not do anything unless you uncomment that part of the rule which is not recommended.
domain-spam-whitelist.conf is a list of domains that you want to be ignore *if* they are in the injection and a spam rule triggers. This does not turn off spam rules for those domains. For that you need to disable those spam rules in the vhost file itself.
The whitelist (/etc/asl/whitelist) is used to disable *all* rules for the source IP. Basically thats a way of totally trusting an IP.