If you are using Linux, just redirect them at the kernel level, using iptables:
# iptables -t nat -A PREROUTING -p tcp --dport 80 -i eth0 -j REDIRECT --to-port 443
do that as root and leave poor zimbra alone!
Hint: put it in /etc/rc.local to survive reboots.
Also, I found this page with other methods:
http://www-128.ibm.com/developerwork.../l-secjav.html