I've attached a fetchmail config creation script to this post - remove the .txt extension, make it executable, and you can use this for account aggregation.
(All of this can be done as the zimbra user)
Here how it works - you use it to configure fetchmail to grab a number of external accounts, and deliver them to a local account:
zmfetchercfg -a -u email@example.com -H remote.server.com:993 -l firstname.lastname@example.org -p 'remote_pass' -s -P IMAP -f "Inbox" -k -c /opt/zimbra/conf/my_fetchrc
zmfetchercfg -a -u email@example.com -H remote.server.com:993 -l firstname.lastname@example.org -p 'remote_pass' -s -P IMAP -f "Work/Other folder" -k -c /opt/zimbra/conf/my_fetchrc
zmfetchercfg -a -u email@example.com -H pop.gmail.com:995 -l firstname.lastname@example.org -p 'remote_gmail_pass' -s -P POP3 -k -c /opt/zimbra/conf/my_fetchrc
chmod 710 /opt/zimbra/conf/my_fetchrc
This sets up 3 accounts - 2 IMAP from the same server (different folders) and a pop account from gmail (delivered to a different local user). The -k tells it to leave the mail on the server. Also, all of my accounts use SSL to connect - the '-s' flag. If you don't need that, you can omit it (but you'll probably have to change the ports, too).
To test it out
HOME=/some/dir/I/can/write/to fetchmail -v -c -f /opt/zimbra/conf/my_fetchrc
If everything looks good, remove the '-c' and it will really grab the mail.
Things to be careful about: the local account (-l option) needs to exist, or you'll bounce all your mail, which is bad.
Adding the -d option to the fetchmail call will cause this to run as a daemon, and periodically check your mail.
The folder options apply to the remote account, NOT the local account - if you want to control where it gets delivered, set up a filter.
Yes, this is horribly insecure. Yes, you're going to be storing your email passwords on disk in an easily readable format. This is more intended for the home/hobby user, not for any serious enterprise deployment.