DKIM, spam blocking and .forward'ed mail

DKIM, spam blocking and .forward'ed mail

My organisation owns more than one domain. Our primary domain has Zoho mail. The other domains are merely forwarded (for both web and e-mail) by our domain name registrar (hexonet.net) so that everything redirects to our main, primary domain.

User mail for our other domains is forwarded, user@my.example.biz -> user@my-zoho-domain.example.net for instance.

Hexonet's mail servers are forwarding.ispapi.net or xdns-smtp2.forwarding.ispapi.net according to these headers: 
Authentication-Results: mx.zohomail.com;
	spf=pass (zoho.com: domain of forwarding.ispapi.net designates 84.200.110.122 as permitted sender)  smtp.mailfrom=SRS0=tmjT=AI=my.example.biz=user@forwarding.ispapi.net
Received: from xdns-smtp2.forwarding.ispapi.net (xdns-smtp2.forwarding.ispapi.net [84.200.110.122]) by mx.zohomail.com
	with SMTP id 1504818059894280.23004094217936; Thu, 7 Sep 2017 14:00:59 -0700 (PDT)
Received: by xdns-smtp2.forwarding.ispapi.net (Postfix, from userid 1000)
	id A6F1A60E76; Thu,  7 Sep 2017 21:00:58 +0000 (UTC)
I'd enabled the inbound spam quarantine for both SPF and DKIM, only to find a huge quantity of forwarded user mail sidelined as failing the DKIM tests. I've since turned both off.

I presume, from the headers, that my issue is with DKIM. Should I whitelist all of my upstream providers (so ispapi.net, forwarding.ispapi.net and the like) or should I just leave DKIM checks on inbound mail shut off?