Due to the way we run internal security at our company, most passwords aren't that strong, don't get regularly changed, and consequently are only known to the individuals (i.e. not shared, or written down).

This is OK internally, but when allowing remote access causes a problem. To solve this I implement more stringent requirements for those that are allowed, and get them to open a gateway first. This gateway only allows those with a decent password and correct group membership through.

Now I know Zimbra can be selective about IMAP and POP access (down to the individual user settings), but would like this to also apply to other access, e.g. HTTPS.

In a more technical explanation, have some form of proxy port for HTTPS access, that checks if the user has the required security (check box ticked) before letting them in.