Nobody uses rainbow tables or cares to mitigate them. People care that GPU rigs get hundreds of billions of hashes-per-second[1] against a single-iteration salted hash. So all 8-char case-sensitive alphanumeric combinations can be checked in 18 minutes[2].
If you are attacking just one password, that makes sense. But if you want to check all the compromised accounts for easy to guess passwords, a salt will increase the cost.
Salt won't save you. For checking most common passwords against stolen database, you try the top one million most common passwords against each hash, at a rate of 200,000 hashes per second.
A dictionary-based attack that tries variants and inserts digits and spends one second per hash will catch the less common passwords.
1 - https://gist.github.com/epixoip/a83d38f412b4737e99bbef804a27...
2 - (pow(26+26+10, 8) / 2*pow(10, 11)) / 60