1. Very few of the emails are DKIM signed. Check for yourself.
2. Even where DKIM is signed, it relies on the following assumtions.
A: The attacker has not compromised the Google private key
B: The attacker has not compromised DKIM or any of the technologies it relies on
C: The attacker had not compromised the sending account at the time of sending.
The requirement of assumption C is applicable regardless of who the attacker is. Assumptions A and B fail when considering a highly motivated state actor. It should go without saying that everyone here knows that major powers actively work on things like A & B, and C is their bread and butter.
Do I think that a power like, say, Russia, has compromised DKIM itself, or any of the technologies it relies on? Probably not, but I certainly wouldn't put it past them. Do I think that said entity has compromised the Google private key? Probably not, but again, I certainly wouldn't put it past them. I absolutely would not put C past them - but it depends on the importance attached to the topic at hand.
To reiterate: the majority of the leak will be real. But there is an active, demonstrable history this cycle, of the attackers salting the leaks with fakes, using the real content to try to legitimize the fakes, so try not to be naive about all this.